A
Angelos D. Keromytis
Researcher at Columbia University
Publications - 384
Citations - 20234
Angelos D. Keromytis is an academic researcher from Columbia University. The author has contributed to research in topics: The Internet & Denial-of-service attack. The author has an hindex of 71, co-authored 380 publications receiving 19448 citations. Previous affiliations of Angelos D. Keromytis include AT&T & Rothamsted Research.
Papers
More filters
Proceedings ArticleDOI
Countering code-injection attacks with instruction-set randomization
TL;DR: A new, general approach for safeguarding systems against any type of code-injection attack, by creating process-specific randomized instruction sets of the system executing potentially vulnerable software that can serve as a low-overhead protection mechanism, and can easily complement other mechanisms.
The KeyNote Trust-Management System Version 2
TL;DR: This memo describes version 2 of the KeyNote trust-management system, which specifies the syntax and semantics of KeyNote `assertions', describes `action attribute' processing, and outlines the application architecture into which a KeyNote implementation can be fit.
Book ChapterDOI
The role of trust management in distributed systems security
TL;DR: The concept of trust management is introduced, its basic principles are explained, and some existing trust-management engines are described, including PoHcyMaker and KeyNote, which allow for increased flexibility and expressibility, as well as standardization of modern, scalable security mechanisms.
Proceedings ArticleDOI
Implementing a distributed firewall
TL;DR: This paper presents the design and implementation of a distributed rewall using the KeyNote trust management system to specify, distribute, and resolve policy, and OpenBSD, an open source UNIX operating system.
Proceedings ArticleDOI
SOS: secure overlay services
TL;DR: This work proposes an architecture called Secure Overlay Services (SOS) that proactively prevents DoS attacks, geared toward supporting Emergency Services or similar types of communication, and demonstrates that such an architecture reduces the likelihood of a successful attack to minuscule levels.