读文章_你的名字5686的博客-优快云博客

读文章

关注

文章平均质量分 89

读一些安全相关论文的笔记

关注数：文章数：19 文章阅读量：13484 文章收藏量：1

作者: 你的名字5686

这个作者很懒，什么都没留下…

展开

专栏收录文章

Aquila: A Practically Usable Verification System for Production-Scale Programmable Data Planes

Aquila: A Practically Usable Verification System for Production-Scale Programmable Data PlanesIntroductionOverviewIntroduction四个目标：网络工程师能够轻松地表达他们的正确性规范；能够在几分钟内有效地验证生产规模的数据平面程序；在检测到违规行为后，它应该能够自动准确地定位数据平面和表条目中的错误；系统应该有能力自我验证自己的实施正确性四个挑战：规则复杂 —— 提

原创 2022-04-06 14:46:49 · 299 阅读 · 0 评论
Header space analysis: Static checking for networks

Header space analysis: Static checking for networksIntroductionThe Geometric ModelModeling Networking BoxesHeader Space AlgebraSet Operations on H\mathcal{H}HDomain, Range and Range InverseUsing Header Space AnalysisReachability AnalysisLoop DetectionSlice

原创 2022-03-24 14:12:00 · 351 阅读 · 0 评论
Debugging the Data Plane with Anteater

Debugging the Data Plane with AnteaterIntroductionOverviewAnteater DesignModeling network behaviorChecking reachabilityChecking forwarding loops, packet loss, and consistencyPacket transformationsApplication to invariant algorithmsApplication to other inva

原创 2022-03-19 16:03:38 · 340 阅读 · 0 评论
Checking Beliefs in Dynamic Networks

Checking Beliefs in Dynamic Networks

原创 2022-03-16 09:42:52 · 251 阅读 · 0 评论
网络验证调研

网络验证调研网络化分网络化分网络验证被划分为三个层面：数据平面输入：数据平面信息（转发表或流表、访问控制列表等）+ 网络图谱验证：数据平面下所有数据包转发行为与网络意图一致相关工作验证类型方法类型提出工具工作概况简况离线验证基于模型检测技术ConfigChecker（09）基于符号模型检测技术，使用状态机建模网络系统，将数据包的头部信息和所处位置建模为状态，将数据平面转发信息与网络拓扑建模为状态转移关系,然后遍历状态空间验证使用计算树逻辑 (Compu

原创 2022-03-04 17:03:48 · 5146 阅读 · 0 评论
Network Configuration in A Box: Towards End-to-End Verification of Network Reachability and Security

Network Configuration in A Box: Towards End-to-End Verification of Network Reachability and SecurityOverviewThe ModelBasic ModelExtended ModelModel Checking ExampleImplementationAutomated Configuration Verification and AnalysisConfigChecker Query Interface

原创 2022-03-04 17:02:27 · 180 阅读 · 0 评论
Stratified Abstraction of Access Control Policies

Stratified Abstraction of Access Control PoliciesIntroductionOverviewApproachSolution: Computing Findings via Stratified AbstractionConcrete EnumerationPredicate AbstractionStratified AbstractionAlgorithmPolicies and FindingsPropertiesAlgorithmImplementati

原创 2022-01-13 17:05:35 · 156 阅读 · 0 评论
Semantic-based Automated Reasoning for AWS Access Policies using SMT

Semantic-based Automated Reasoning for AWS Access Policies using SMTIntroductionApproachPolicy language overviewExampleSMT EncodingString constraintsIntroduction访问控制策略是对哪些资源可以访问、由谁访问以及在什么条件下访问的表达性规范。云客户想要一个工具，允许他们根据安全要求检查策略配置AWS 提供了一种policy language

原创 2022-01-10 21:16:53 · 314 阅读 · 0 评论
Reachability Analysis for AWS-Based Networks

Reachability Analysis for AWS-Based NetworksIntroductionAWS NetworkingAWS Networking Semantics as LogicDatalog EncodingSMT EncodingFirst-Order EncodingUsage and PerformanceAmazon InspectorIntroductionTiros使用现成的自动定理证明工具对使用AWS API构建的虚拟网络进行正式分析Tiros将AWS

原创 2022-01-05 14:56:47 · 535 阅读 · 0 评论
Formal Reasoning About the Security of Amazon Web Services

Formal Reasoning About the Security of Amazon Web ServicesIntroductionSecurity of the CloudWhere Formal Reasoning Fits In.Securing Customers in the CloudChallengeIntroduction相关工作How Amazon web services uses formal methods. —— 关键分布式算法的正确性Verifying clo

原创 2022-01-04 11:11:26 · 133 阅读 · 0 评论
Understanding Bounding Functions in Safety-Critical UAV Software

Understanding Bounding Functions in Safety-Critical UAV SoftwareIntroduction无人机软件安全的经验视角A Datatype-based TaxonomyA Differential SimulationSummarBackgroundEngine and PoseNavigationPaparazzi Flight Controller SoftwareUnderstanding bounding functions statical

原创 2021-12-27 16:13:24 · 227 阅读 · 0 评论
HAWatcher: Semantics-Aware Anomaly Detection for Appified Smart Homes

原创 2021-12-24 22:08:53 · 3318 阅读 · 0 评论
From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with MAYDAY

From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with MAYDAYOverviewIntroduction导致RAVs事故的原因（包括但不限于）第三种难以检查提出了MAYDAY贡献背景和模型RAV控制模型RAV控制程序信任模型和假设威胁模型ExampleMAYDAY Framework控制引导控制程序分析控制变量依赖关系图CVDG与控制程序将CVDG节点映射到程序变量将CVDG边映射到程序代码Co

原创 2021-12-22 21:59:43 · 293 阅读 · 0 评论
变质测试综述（2016 A Survey on Metamorphic Testing）

变质测试综述（2016 A Survey on Metamorphic Testing）变质测试相关情况总览技术进展对变质关系的探索好的变质关系应该具有的属性变质关系的构建原测试用例的生成变质测试样例的执行包含的内容相关的技术领域应用Web服务与应用计算机制图嵌入式系统模拟和建模机器学习组件数字程序编译器其他与其他技术的结合实验评估的方式目标程序原测试样例错误类型变质关系（一般小于10个）用到的衡量指标挑战时间节点：98年-15年文章总览：119 papers、12 application areas

原创 2021-12-18 14:02:40 · 394 阅读 · 0 评论
An Automatic Testing Approach for Compiler Based on Metamorphic Testing Technique

An Automatic Testing Approach for Compiler Based on Metamorphic Testing Technique介绍背景知识编译器的自动变质测试框架使用的变质关系生成等价测试程序方法等效表达式的构造等效赋值块的建造等效子模块的构建实验和应用Mettoc介绍现有的问题及方法Oracle的生成基于参考的方法需要高度可靠的参考编译器基于断言的方法将断言添加到源程序中，以检查断言点的行为是否与程序语义一致Back-to-back ap

原创 2021-12-18 14:01:46 · 236 阅读 · 0 评论
Complier Validation via Equivalence Modulo Inputs

Complier Validation via Equivalence Modulo Inputs总览Equivalence Modulo Inputs (EMI)说明性示例误编译的特性两个示例说明LLVMGCCEMI和Orion定义使用EMI Variants进行差分测试Orion实验设置和结果参数定量结果总览Equivalence Modulo Inputs (EMI)思想：利用输入子集上动态执行程序PPP和理所有输入上静态编译PPP之间的相互作用。给定程序PPP以及一组输入值III，输入集

原创 2021-12-18 14:00:15 · 258 阅读 · 0 评论
A Survey of Compiler Testing

A Survey of Compiler TestingOverview测试程序生成Overview挑战测试样例生成以语法为导向的方法Context-free grammarAffix grammarAttribute grammarW-grammar语法模型语法辅助的方法相关工作其他方法Overview一些特点：11年出现了Csmith以及CReduce等易用有效的工具，11年到18年中50%的工作基于这些软件测试程序生成Overview挑战测试程序的有效性测试程序的多样性

原创 2021-12-18 13:59:35 · 316 阅读 · 0 评论
Finding Deep Compiler Bugs via Guided Stochastic Program Mutation

Finding Deep Compiler Bugs via Guided Stochastic Program Mutation背景知识Markov Chain Monte Carlo（MCMC）实施距离函数（基于控制流图）MCMC Sampling插入新的代码AthenaExtracting Statement CandidatesProposing Variants实验背景知识Markov Chain Monte Carlo（MCMC）Monte Carlo：在目标分布p(X)p(X)p(X)

原创 2021-12-18 13:58:26 · 254 阅读 · 0 评论
RVFUZZER: Finding Input Validation Bugs in Robotic Vehicles Through Control-Guided Testing

RVFUZZER: Finding Input Validation Bugs in Robotic Vehicles Through Control-Guided TestingOverviewIntroduction攻击面传统fuzz的问题关键ideaBackgroundRV Control ModelRV Control ProgramControl Parameters攻击模型模型和假设JustificationsRVFuzzer DesignOverviewControl Instability

原创 2021-12-18 13:47:44 · 506 阅读 · 0 评论

读文章

作者: 你的名字5686

Aquila: A Practically Usable Verification System for Production-Scale Programmable Data Planes

Header space analysis: Static checking for networks

Debugging the Data Plane with Anteater

Checking Beliefs in Dynamic Networks

网络验证调研

Network Configuration in A Box: Towards End-to-End Verification of Network Reachability and Security

Stratified Abstraction of Access Control Policies

Semantic-based Automated Reasoning for AWS Access Policies using SMT

Reachability Analysis for AWS-Based Networks

Formal Reasoning About the Security of Amazon Web Services

Understanding Bounding Functions in Safety-Critical UAV Software

HAWatcher: Semantics-Aware Anomaly Detection for Appified Smart Homes

From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with MAYDAY

变质测试综述（2016 A Survey on Metamorphic Testing）

An Automatic Testing Approach for Compiler Based on Metamorphic Testing Technique

Complier Validation via Equivalence Modulo Inputs

A Survey of Compiler Testing

Finding Deep Compiler Bugs via Guided Stochastic Program Mutation

RVFUZZER: Finding Input Validation Bugs in Robotic Vehicles Through Control-Guided Testing