Interview with Arnold Robbins
Arnold Robbins has been the maintainer of gawk for over three decades; he has also written or revised more than ten books related to Unix systems.
Authors: Rik Farrow, Arnold Robbins
Article shepherded by: Rik Farrow
Understanding and Improving Web Application Fingerprinting with WASABO
Web application fingerprinting tools can help both defenders and attackers. But how well do they actually work? We tested them in the lab and in the wild.
Authors: Nick Nikiforakis, Brian Kondracki
Article shepherded by: Rik Farrow
Telescope: Profiling Memory Access Patterns at the Terabyte-scale
Telescope is a new memory access profiling tool that can detect access patterns for terabytes-large working sets quickly, precisely and at low overheads.
Authors: Alan Nair, Sandeep Kumar, Aravinda Prasad
Article shepherded by: Rik Farrow
Anvil: Building Kubernetes Controllers That Do Not Break
Anvil is a set of tools used to prove the correctness of container controllers like Kubernetes, and includes several proven-correct examples of controllers.
Authors: Xudong Sun, Jiawei Tyler Gu, Cody Rivera, Tej Chajed, Jon Howell, Andrea Lattuada, Oded Padon, Lalith Suresh, Adriana Szekeres, Tianyin Xu
Article shepherded by: Rik Farrow
SIEVE: Cache eviction can be simple, effective, and scalable
SIEVE is a new cache eviction algorithm featuring the simplicity of FIFO with state-of-the-art performance; we describe how SIEVE works and why it's better.
Authors: Juncheng Yang, Yazhuo Zhang, Yao Yue, Ymir Vigfusson, Rashmi Vinayak
Article shepherded by: Rik Farrow
NSDI'24 Test-of-Time Award: Header Space Analysis
With almost 1,000 cites, Peyman Kazmian's NSDI'12 paper remains popular and has lead to the forming of a company.
Authors: Rik Farrow, Peyman Kazemian
Article shepherded by: Rik Farrow
Computer Architecture
A well-written and easy-to-read book that will be helpful to anyone interested in modern computer architectures.
Authors: Rik Farrow
Article shepherded by: Rik Farrow
Hunting for Risky Dependencies
With the rise of microservices and complex systems, service owners are less aware of the critical user journeys depending on their systems.
Authors: Theo Klein, Jennifer Klein
Article shepherded by: Rik Farrow
Understanding the Workload Characteristics of Large Language Model Development
We present an in-depth characterization study of a six-month LLM development workload trace collected from our GPU datacenter Acme of Shanghai AI Laboratory.
Authors: Qinghao Hu, Peng Sun, Tianwei Zhang
Article shepherded by: Rik Farrow
AppStack: An Agile Platform for Running Digital Public Services
Authors: Dimitris Mitropoulos, Georgios Tsoukalas
Article shepherded by: Rik Farrow
Interview with Gary McGraw
McGraw has a long history in both AI and security. In this interview, McGraw debunks myths about LLM security and how people think about LLMs.
Authors: Gary McGraw, Rik Farrow
Article shepherded by: Rik Farrow
You Cannot Escape Me: Detecting Evasions of SIEM Rules in Enterprise Networks
We show that threat detection in enterprise networks suffers from blind spots through SIEM rule evasion and present a mitigation called Adaptive Misuse Detection.
Authors: Louis Hackländer-Jansen, Marco Herzog, Rafael Uetz
Article shepherded by: Rik Farrow
Code is not Natural Language: Unlock the Power of Semantics-Oriented Graph Representation for Binary Code Similarity Detection
The best binary code similarity detection have treated code as if it were natural language; our solution creates semantic representations of code for feeding into ML and is better.
Authors: Haojie He, Ziang Weng, Libo Chen
Article shepherded by: Rik Farrow
Being There: USENIX Security Symposium 2023
For me, attending USENIX Security is kinda like going home for the holidays
Authors: Abe Singer
Article shepherded by: Rik Farrow
FloatZone: How Floating Point Additions can Detect Memory Errors
We introduce FloatZone, a compiler-based sanitizer to detect spatial and temporal memory errors in C/C++ programs using lightweight checks that leverage the Floating Point Unit.
Authors: Floris Gorter, Enrico Barberis, Raphael Isemann, Erik van der Kouwe, Cristiano Giuffrida, Herbert Bos
Article shepherded by: Rik Farrow
Sneaky Spy Devices and Defective Detectors
Abusers sometimes spy on their partners using covert devices; to combat this threat, we find out what devices are available to abusers and whether common detectors can find them.
Authors: Rose Ceccio, Sophie Stephenson, Danny Huang, Rahul Chatterjee
Article shepherded by: Rik Farrow
FIDO2 with Attributes in Zero-Knowledge
Authentication and authorization systems currently rely on access to PII; in FIDO-AC, we extend FIDO2 to provide authorization information while maintaining privacy.
Authors: Wei-Zhu Yeoh, Michal Kepkowski, Gunnar Heide, Dali Kaafar, Lucjan Hanzlik
Article shepherded by: Rik Farrow
Reimagining Correctness SLOs: When 100% Means Failure
What do you do when user happiness isn't only about availability? A creative approach to correctness SLOs can improve collaboration between the business and IT.
Authors: Adam Newman
Article shepherded by: Laura Nolan