Related Publications

Below is a list of publications in reverse chronological order that pertain to the project.

• BUZZ: Testing context-dependent policies in stateful networks
  S. K. Fayaz, T. Yu, Y. Tobioka, S. Chaki, and V. Sekar
  In 13th USENIX Symposium on Networked Systems Design and Implementation, March 2016.
• Mitigating storage side channels using statistical privacy mechanisms
  Q. Xiao, M. K. Reiter, and Y. Zhang
  In 22nd ACM Conference on Computer and Communications Security, October 2015.
• Nomad: Mitigating arbitrary cloud side channels via provider-assisted migration
  S.-J. Moon, V. Sekar, and M. K. Reiter
  In 22nd ACM Conference on Computer and Communications Security, October 2015.
• PGA: Using graphs to express and automatically reconcile network policies
  C. Prakash, J. Lee, Y. Turner, J.-M. Kang, A. Akella, S. Banerjee, C. Clark, Y. Ma, P. Sharma, and Y. Zhang
  In ACM SIGCOMM 2015 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2015.
• Improving the safety, scalability, and efficiency of network function state transfers
  A. Gember-Jacobson and A. Akella
  In ACM SIGCOMM Workshop on Hot Topics in Middleboxes and Network Function Virtualization, August 2015.
• The Pythia PRF service
  A. Everspaugh, R. Chaterjee, S. Scott, A. Juels, and T. Ristenpart
  In 24th USENIX Security Symposium, August 2015.
• Flexible and elastic DDoS defense using Bohatei
  S. K. Fayaz, Y. Tobioka, V. Sekar, and M. Bailey
  In 24th USENIX Security Symposium, August 2015.
• Replica placement for availability in the worst case
  P. Li, D. Gao, and M. K. Reiter
  In 35th IEEE International Conference on Distributed Computing Systems, June 2015.
• Trust as the foundation of resource exchange in GENI
  M. Brinn and N. Bastin and A. Bavier and M. Berman and J. Chase and R. Ricci
  In 10th EAI International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, June 2015.
• Measuring control plane latency in SDN-enabled switches
  K. He, J. Khalid, A. Gember-Jacobson, C. Prakash, A. Akella, E. Li and M. Thottan
  In 1st ACM SIGCOMM Symposium on SDN Research, June 2015.
• Cracking-resistant password vaults using natural language encoders
  R. Chatterjee, J. Bonneau, A. Juels, and T. Ristenpart
  In IEEE Symposium on Security and Privacy, May 2015.
• SEER: Practical memory virus scanning as a service
  J. Gionta, A. Azab, W. Enck, P. Ning, and X. Zhang
  In 30th Annual Computer Security Applications Conference, December 2014.
• A survey of common security vulnerabilities and corresponding countermeasures for SaaS
  D. Kim, P. Ning, and M. Vouk
  In IEEE Globecom 2014 Workshop on Cloud Computing Systems, Networks, and Applications, December 2014.
• StopWatch: A cloud architecture for timing channel mitigation
  P. Li, D. Gao, and M. K. Reiter
  ACM Transactions on Information and System Security 17(2), November 2014.
• Cross-tenant side-channel attacks in PaaS clouds
  Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart
  In 21st ACM Conference on Computer and Communications Security, November 2014.
• WhoWas: A platform for measuring web deployments on IaaS clouds
  L. Wang, A. Nappa, J. Caballero, T. Ristenpart, and A. Akella
  In 14th ACM Internet Measurement Conference, November 2014.
• Scheduler-based defenses against cross-VM side-channels
  V. Varadarajan, T. Ristenpart, and M. Swift
  In 23rd USENIX Security Symposium, August 2014.
• OpenNF: Enabling innovation in network function control
  A. Gember, R. Vishwanathan, C. Prakash, R. Grandl, J. Khalid, S. Das, and A. Akella
  In ACM SIGCOMM 2014 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, pages 163-174, August 2014.
• Testing stateful and dynamic data planes with FlowTest
  S. K. Fayazbakhsh and V. Sekar
  In 3rd ACM Workshop on Hot Topics in Software Defined Networking, August 2014.
• DACSA: A decoupled architecture for cloud security analysis
  J. Gionta, A. Azab, W. Enck, P. Ning, and X. Zhang
  In 7th Workshop on Cyber Security Experimentation and Test, August 2014.
• Secure authorization for federated environments (SAFE): Overview and progress report
  J. Chase and V. Thummala
  Technical Report CS-2014-003, Department of Computer Science, Duke University, 2014.
• A guided tour of SAFE GENI
  J. Chase and V. Thummala
  Technical Report CS-2014-002, Department of Computer Science, Duke University, 2014.
• Integrating VCL into a re-configurable cloud computing layer on an IBM BG/P supercomputer
  G. Mathew, P. Dreher, and M. Vouk
  In 2nd International IBM Cloud Academy Conference, May 2014.
• Enforcing network-wide policies in the presence of dynamic middlebox actions using FlowTags
  S. Fayazbakhsh, V. Sekar, M. Yu, and J. Mogul
  In 11th USENIX Symposium on Networked System Design and Implementation, April 2014.
• Securing hadoop in cloud
  X. Yu, P. Ning, and M. Vouk
  In Symposium and Bootcamp on the Science of Security (HotSoS), pages 155-156, April 2014.
• Diversity-based detection of security anomalies
  R. Venkatakrishnan and M. Vouk
  In Symposium and Bootcamp on the Science of Security (HotSoS), pages 160-161, April 2014.
• Verifiable network function outsourcing: Requirements, challenges, and roadmap
  S. K. Fayazbakhsh, M. K. Reiter, and V. Sekar
  In Workshop on Hot Topics in Middleboxes and Network Function Virtualization, pages 25–30, December 2013.
• Düppel: Retrofitting commodity operating systems to mitigate cache side channels in the cloud
  Y. Zhang and M. K. Reiter
  In 20th ACM Conference on Computer and Communications Security, pages 827–837, November 2013.
• Next stop, the cloud: Understanding modern web service deployment in EC2 and Azure
  K. He, A. Fisher, L. Wang, A. Gember, A. Akella and T. Ristenpart
  In Internet Measurement Conference, pages 177–190, October 2013.
• Ensuring file authenticity in private DFA evaluation on encrypted files in the cloud
  L. Wei and M. K. Reiter
  In Computer Security – ESORICS 2013: 18th European Symposium on Research in Computer Security (Lecture Notes in Computer Science 8134), September 2013.
• DupLESS: Server-aided encryption for deduplicated storage
  M. Bellare, S. Keelveedhi, and T. Ristenpart
  In 22nd USENIX Security Symposium, August 2013.
• SIMPLE-fying middlebox policy enforcement using SDN
  Z. Qazi, C. Tu, L. Chiang, R. Miao, V. Sekar, and M. Yu
  In ACM SIGCOMM 2013 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, August 2013.
• FlowTags: Enforcing network-wide policies in the presence of dynamic middlebox actions
  S. Fayazbakhsh, V. Sekar, M. Yu, and J. Mogul
  In 2nd ACM Workshop on Hot Topics in Software Defined Networking, August 2013.
• Mitigating access-driven timing channels in clouds using StopWatch
  P. Li, D. Gao, and M. K. Reiter
  In 43rd IEEE/IFIP International Conference on Dependable Systems and Networks, June 2013.
• Message-locked encryption and secure deduplication
  M. Bellare, S. Keelveedhi, and T. Ristenpart
  In Advances in Cryptology – EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Application of Cryptographic Techniques, pages 296–312, May 2013.
• Toward verifiable resource accounting for outsourced computation 
  C. Chen, P. Maniatis, A. Perrig, A. Vasudevan, and V. Sekar
  In 9th Annual International Conference on Virtual Execution Environments, pages 167–178, March 2013.
• New approaches to security and availability for cloud data
  A. Juels and A. Oprea
  Communications of the ACM 56(2): pages 64–73, February 2013.
• New opportunities for load balancing in network-wide intrusion detection systems 
  V. Heorhiadi, M. K. Reiter, and V. Sekar
  In 8th International Conference on Emerging Networking Experiments and Technologies, pages 361–372, December 2012.
• Iris: A scalable cloud file system with efficient integrity checks
  E. Stefanov, M. van Dijk, A. Oprea, and A Juels
  In 28th Annual Computer Security Applications Conference, pages 229–238, December 2012.
• Cross-VM side channels and their use to extract private keys
  Y. Zhang, A. Juels, M. K. Reiter, and T. Ristenpart
  In 19th ACM Conference on Computer and Communications Security, pages 305–316, October 2012.
• More for your money: Exploiting performance heterogeneity in public clouds
  B. Farley, V. Varadaraja, K. Bowers, A. Juels, T. Ristenpart, and M. Swift
  In 3rd ACM Symposium on Cloud Computing, October 2012.
• Resource-freeing attacks: Improve your cloud performance (at your neighbor’s expense)
  V. Varadarajan, T. Kooburat, B. Farley, T. Ristenpart, and M. Swift
  In 19th ACM Computer and Communications Security, pages 281–292, October 2012.
• Third-party private DFA evaluation on encrypted files in the cloud
  L. Wei and M. K. Reiter
  In Computer Security – ESORICS 2012: 17th European Symposium on Research in Computer Security (Lecture Notes in Computer Science 7459), pages 523–540, September 2012.
• Multi-resource fair queueing for packet processing 
  A. Ghodsi, V. Sekar, M. Zaharia, and I. Stoica
  In ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pages 1–12, August 2012.
• Making middleboxes someone else’s problem: Network processing as a cloud service 
  J. Sherry, S. Hassan, C. Scott, A. Krishnamurthy, S. Ratnasamy, and V. Sekar
  In ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pages 13–24, August 2012.
• How to tell if your cloud files are vulnerable to drive crashes
  K. D. Bowers, M. van Dijk, A. Juels, A. Oprea, and R L. Rivest
  In 18th ACM Conference on Computer and Communications Security, pages 501–514, October 2011.
• Verifiable resource accounting for cloud computing services 
  V. Sekar and P. Maniatis
  In 3rd ACM Workshop on Cloud Computing Security, pages 21–26, October 2011.
• Trusted Platform-as-a-Service: A foundation for trustworthy cloud-hosted applications
  A. Brown and J. Chase
  In 3rd ACM Cloud Computing Security Workshop, October 2011.
• HomeAlone: Co-residency detection in the cloud via side-channel analysis
  Y. Zhang, A. Juels, A. Oprea, and M.K. Reiter
  In IEEE Symposium on Security and Privacy, pages 313–328, 2011.
• On the impossibility of cryptography alone for privacy-preserving cloud computing
  M. van Dijk and A. Juels
  In USENIX Workshop on Hot Topics in Security, pages 1–8, 2010.
• HAIL: A high-availability and integrity layer for cloud storage
  K.D. Bowers, A. Juels, and A. Oprea
  In 16th ACM Conference on Computer and Communications Security, pages 187–198, 2009.
• Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds
  T. Ristenpart, E. Tromer, H. Shacham, and S. Savage
  In 16th ACM Conference on Computer and Communications Security, pages 199–212, November 2009.
• Proofs of retrievability: Theory and implementation
  K.D. Bowers, A. Juels, and A. Oprea
  In Cloud Computing Security Workshop, pages 43–54, 2009.
• PORs: Proofs of retrievability for large files
  A. Juels and B. S. Kaliski, Jr.
  In 14th ACM Conference on Computer and Communications Security, pages 584–597, 2007.

* Please note: Papers not linked above do not yet have a DOI registration. We shall link them as soon as a doi link is available. Please contact us directly at Project Silver Webmaster if you need the full-text of a paper not linked above. Thanks.