David Molnar

David Molnar
Microsoft · Security and Privacy Research Group

About

64
Publications
22,371
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
5,440
Citations

Publications

Publications (64)
Article
With the rise of sensors such as Microsoft Kinect, gesture-based interfaces have become practical. However, to recognize such gestures, applications need access to users' depth and video, exposing sensitive data about individuals and their environment. Prepose, a domain-specific language for building gesture recognizers, combined with a system arch...
Article
Full-text available
Tree automata and transducers are used in a wide range of applications in software engineering. While these formalisms are of immense practical use, they can only model finite alphabets. To overcome this problem we augment tree automata and transducers with symbolic alphabets represented as parametric theories. Admitting infinite alphabets makes th...
Conference Paper
Full-text available
Immersive experiences that mix digital and real-world objects are becoming reality, but they raise serious privacy concerns as they require real-time sensor input. These experiences are already present on smartphones and game consoles via Kinect, and will eventually emerge on the web platform. However, browsers do not expose the display interfaces...
Article
String-manipulating programs are an important class of programs with applications in malware detection, graphics, input sanitization for Web security, and large-scale HTML processing. This paper extends prior work on BEK, an expressive domain-specific language for writing string-manipulating programs, with algorithmic insights that make BEK both an...
Article
In this paper, we investigate an approach to program synthesis that is based on crowd-sourcing. With the help of crowd-sourcing, we aim to capture the "wisdom of the crowds" to find good if not perfect solutions to inherently tricky programming tasks, which elude even expert developers and lack an easy-to-formalize specification. We propose an appr...
Conference Paper
Full-text available
In this paper, we investigate an approach to program synthesis that is based on crowd-sourcing. With the help of crowd-sourcing, we aim to capture the "wisdom of the crowds" to find good if not perfect solutions to inherently tricky programming tasks, which elude even expert developers and lack an easy-to-formalize specification. We propose an appr...
Article
Full-text available
Tree automata and tree transducers are used in a wide range of applications in software engineering, from XML processing to language type-checking. While these formalisms are of immense practical use, they can only model finite alphabets, and since many real-world applications operate over infinite domains such as integers, this is often a limitati...
Article
Tree automata and tree transducers are used in a wide range of applications in software engineering, from XML processing to language type-checking. While these formalisms are of immense practical use, they can only model finite alphabets, and since many real-world applications operate over infinite domains such as integers, this is often a limitati...
Article
AR systems pose potential security concerns that should be addressed before the systems become widespread.
Patent
Full-text available
The current invention is directed to embedded, wireless cloud-connector devices and systems that allow the embedded, wireless cloud-connector devices to be deployed in a variety of embedding devices, applications, and uses. The embedded, wireless, cloud-connector devices to which the current application is directed are implemented using a single in...
Data
Full-text available
Augmented reality (AR) applications sense the en-vironment, then render virtual objects on human senses. Examples include smartphone applications that annotate storefronts with reviews and XBox Kinect games that show "avatars" mimicking human movements. No current OS has special support for such applications. As a result, permissions for AR applica...
Data
Full-text available
Augmented reality (AR) takes natural user input (NUI), such as gestures, voice, and eye gaze, and produces digital visual overlays on top of reality seen by a user. Today, multiple shipping AR applications exist, most notably titles for the Microsoft Kinect and smartphone applications such as Layar, Wik-itude, and Junaio. Despite this activity, lit...
Article
Full-text available
Finite automata model a wide array of applications in software engineering, from regular expressions to specification languages. Finite transducers are an extension of finite automata tomodel functions on lists ofelements, which in turn haveusesinfieldsas diverseas computationallinguistics and model-based testing. Symbolic finite transducers are a...
Article
Full-text available
Finite automata and finite transducers are used in a wide range of applications in software engineering, from regu-lar expressions to specification languages. We extend these classic objects with symbolic alphabets represented as para-metric theories. Admitting potentially infinite alphabets makes this representation strictly more general and succi...
Conference Paper
Finite automata and finite transducers are used in a wide range of applications in software engineering, from regular expressions to specification languages. We extend these classic objects with symbolic alphabets represented as parametric theories. Admitting potentially infinite alphabets makes this representation strictly more general and succinc...
Conference Paper
Full-text available
We empirically analyzed sanitizer use in a shipping web application with over 400,000 lines of code and over 23,244 methods, the largest empirical analysis of sanitizer use of which we are aware. Our analysis reveals two novel classes of errors: context-mismatched sanitization and inconsistent multiple sanitization. Both of these arise not because...
Conference Paper
Web applications often use special string-manipulating sanitizers on untrusted user data, but it is difficult to reason manually about the behavior of these functions, leading to errors. For example, the Internet Explorer cross-site scripting filter turned out to transform some web pages without JavaScript into web pages with valid Java-Script, ena...
Article
Security sanitizers have long been known to be very difficult to implement correctly. Moreover, with the rise of the web, developers need string manipulating functions in both "server" and "client" languages. Hand-writing these functions separately is an open invitation to bugs. At the same time, auto-generated code will not be accepted unless it i...
Article
We present a domain-specific imperative language, Bek, that directly models low-level string manipulation code featuring boolean state, search operations, and substring substitutions. We show constructively that Bek is reversible through a semantics-preserving translation to symbolic finite state transducers, a novel representation for transducers...
Article
The primary defense against cross site scripting attacks in web applications is the use of sanitization, the practice of filtering untrusted inputs. We analyze sanitizer use in a shipping web application with over 400,000 lines of code, one of the largest applications studied to date. Our analysis reveals two novel problems: inconsistent sanitizati...
Article
Full-text available
As more and more organizations consider moving their applications and data from dedicated hosting infrastructure, which they own and operate, to shared infrastructure leased from 'the cloud', security remains a key sticking point. Tenants of cloud hosting providers have substantially less control over the construction, operation, and auditing of in...
Article
Full-text available
Researchers have recently begun to study the economics of the markets for illicit digital goods to better understand how to invest resources in the most effective mitigations. This line of work in security economics can greatly benefit from data gathering methodologies used for the study of another underground economy, which has been analyzed for t...
Article
We present a refined chosen-prefix collision construction for MD5 that allowed creation of a rogue Certification Authority (CA) certificate, based on a collision with a regular end-user website certificate provided by a commercial CA. Compared to the previous construction from Eurocrypt 2007, this paper describes a more flexible family of different...
Conference Paper
Full-text available
Recently, integer bugs, including integer overflow, width conversion, and signed/unsigned conversion errors, have risen to become a common root cause for serious security vulnerabilities. We introduce new methods for discover- ing integer bugs using dynamic test generation on x86 binaries, and we describe key design choices in efficient symbolic ex...
Conference Paper
Full-text available
Runtime property checking (as implemented in tools like Purify or Valgrind) checks whether a program execution satisfies a property. Active property checking extends runtime checking by checking whether the property is satisfied by all program executions that fol- low the same program path. This check is performed on a symbolic execution of the giv...
Conference Paper
RFID technology has raised a number of both real and imagined security and privacy fears and concerns. Since roughly 2001, a number of researchers have stepped up to the plate and proposed techniques for strengthening RFID security and privacy, while others have focused on attacking (and demonstrating weaknesses in) currently deployed RFID systems....
Conference Paper
Full-text available
Fuzz testing is an effective technique for finding security vulnerabilities in software. Traditionally, fuzz testing tools apply random mutations to well-formed inputs of a pro- gram and test the resulting values. We present an alterna- tive whitebox fuzz testing approach inspired by recent ad- vances in symbolic execution and dynamic test generati...
Conference Paper
Full-text available
The informal goal of a watermarking scheme is to "mark" a digital object, such as a picture or video, in such a way that it is dicult for an adversary to remove the mark without destroying the content of the object. Although there has been considerable work proposing and breaking watermarking schemes, there has been little attention given to the fo...
Conference Paper
Full-text available
We introduce new methods for detecting control-flow side channel attacks, transforming C source code to eliminate such attacks, and checking that the transformed code is free of control-flow side channels. We model control-flow side channels with a program counter transcript, in which the value of the program counter at each step is leaked to an ad...
Conference Paper
Full-text available
We present generic on-line/off-line threshold signatures, in which the bulk of signature computation can take place “off-line” during lulls in service requests [6]. Such precomputation can help systems using threshold signatures quickly respond to requests. For example, tests of the Pond distributed file system showed that computation of a threshol...
Article
Full-text available
With the development of provable security techniques, cryptographers have seen tension arise be-tween what is practical and what can be proven. In particular, the use of simulation to prove security of protocols against malicious parties requires that "special powers" be available to the simulator. To allow the simulator to exploit its special powe...
Conference Paper
We enumerate requirements and give constructions for the vote storage unit of an electronic voting machine. In this application, the record of votes must survive even an unexpected failure of the machine; hence the data structure should be durable. At the same time, the order in which votes are cast must be hidden to protect the privacy of voters,...
Conference Paper
Full-text available
Most prior designated confirmer signature schemes either prove security in the random oracle model (ROM) or use general zero-knowledge proofs for NP statements (making them impractical). By slightly modifying the definition of designated confirmer signatures, Goldwasser and Waisbard presented an approach in which the Confirm and ConfirmedSign proto...
Conference Paper
Full-text available
The ability to link two different sightings of the same Radio Frequency Identification (RFID) tag enables invasions of privacy. The problem is aggravated when an item, and the tag attached to it, changes hands during the course of its lifetime. After such an ownership transfer, the new owner should be able to read the tag but the old owner should n...
Conference Paper
Full-text available
We consider here the class of probability mass-function (PMF) based detectors of least signican t bit (LSB) embedded steganography. That is, in this paper we investigate the use of frequency counts of pixel intensities as a statistic for tests detecting the presence of hidden mes- sages. We focus on LSB replacement (though we briey consider LSB mat...
Article
We present generic on-line/off-line threshold signatures, in which the bulk of signature computation can take place "off-line" during lulls in service requests [6]. Such precomputation can help systems using threshold signatures quickly respond to requests. For example, tests of the Pond distributed file system showed that computation of a threshol...
Conference Paper
Full-text available
We introduce new methods for detecting control-flow side channel attacks, transforming C source code to eliminate such attacks, and checking that the transformed code is free of control-flow side channels. We model control-flow side channels with a program counter transcript, in which the value of the program counter at each step is leaked to an ad...
Conference Paper
Full-text available
Within the next year, travelers from dozens of nations may be carrying a new form of passport in response to a mandate by the United States government. The e-passport, as it is sometimes called, represents a bold initiative in the deployment of two new technologies: Radio-Frequency Identification (RFID) and biometrics. Important in their own right,...
Conference Paper
Full-text available
Radio Frequency Identication (RFID) technology raises significant privacy issues because it enables tracking of items and people possibly without their knowledge or consent. One of the biggest challenges for RFID technology is to provide privacy protection without raising tag production and management cost. We introduce a new architecture that uses...
Conference Paper
Full-text available
Mobile devices consider energy to be a limiting resource. Over the past decade significant research has gone into how one can reduce energy consumption at the hardware level, network protocol level, operating system level, and compiler level. In almost all algorithm analysis, a single resource such as time or communication is often taken as a proxy...
Article
We expose privacy issues related to Radio Frequency Identification (RFID) in libraries, describe current deployments, and suggest novel architectures for library RFID. Libraries are a fast growing application of RFID; the technology promises to relieve repetitive strain injury, speed patron self-checkout, and make possible comprehensive inventory....
Article
We present a balls-and-bins approach to scheduling communication in monitoring applications of sensor networks. In monitoring applications, each node in a routing tree wishes to send a fixed number of message to the root or "base station" once every T seconds. We propose dividing each T -second time period into n message-length slots and then allow...
Conference Paper
Full-text available
An abstract is not available.
Conference Paper
Full-text available
We expose privacy issues related to Radio Frequency Identification (RFID) in libraries, describe current deployments, and suggest novel architectures for library RFID. Libraries are a fast growing application of RFID; the technology promises to relieve repetitive strain injury, speed patron self-checkout, and make possible comprehensive inventory....
Conference Paper
Full-text available
Consumers want to interact with web sites, but they also want to keep control of their private information. Asymmetric information about whether web sites will sell private information or not leads to a lemons market for privacy. We discuss privacy policies as signals in a lemons market and ways in which current realizations of privacy policies may...
Conference Paper
We describe a design for a reputation system that increases the reliability and thus efficiency of remailer services. Our reputation system uses a MIX-net in which MIXes give receipts for intermediate messages. Together with a set of witnesses, these receipts allow senders to verify the correctness of each MIX and prove misbehavior to the witnesses...
Conference Paper
Privacy homomorphisms, encryption schemes that are also homomorphisms relative to some binary operation, have been studied for some time, but one may also consider the analogous problem of homomorphic signature schemes. In this paper we introduce basic definitions of security for homomorphic signature systems, motivate the inquiry with example appl...
Article
We present a design for a system of anonymous storage which resists the attempts of powerful adversaries to find or destroy any stored data. We enumerate distinct notions of anonymity for each party in the system, and suggest a way to classify anonymous systems based on the kinds of anonymity provided. Our design ensures the availability of each do...
Article
Electronic commerce faces the problem of signing electronic contracts. Three approaches for handling electronic contracts include 1) no trusted third party protocols, 2) strongly-trusted third party protocols and 3) weakly-trusted third party protocols. A secondary problem facing electronic commerce is self-enforcing contract design.
Article
Full-text available
We propose on-line/off-line threshold signature schemes, in which the bulk of signature computation can take place "off-line" during lulls in service requests [7]. Such precomputation can help systems using threshold signatures quickly respond to requests. For example, tests of the Pond distributed file system showed that computation of a threshold...
Article
Most prior designated confirmer signature schemes either prove security in the random oracle model (ROM) or use general zero- knowledge proofs for NP statements (making them impractical). By slightly modifying the definition of designated confirmer signatures, Gold- wasser and Waisbard presented an approach in which the Confirm and ConfirmedSign pr...
Article
Class project submission for CS262A. Please do not cite or distribute beyond NEST. Contact the authors for the latest version. We present an effective distributed power scheduling algorithm for fixed, low bandwidth, many to one data collection sensor network applications. DuraNet reduces energy consumption by avoiding collision and overhearing whil...
Article
Energy is a fundamental resource limitation in mobile and wireless devices. A great deal of research in mobile and wireless networking over the past decade has examined ways of reducing energy usage, including specific techniques such as energy-aware protocols for routing and communication. However, to our knowledge, no systematic way has been deve...
Article
Full-text available
Client software, such as Windows .exe files, poses security risks but also adds important functionality that cannot yet be replicated with web applications. These risks can be mitigated by running client software inside a sandbox. Virtual machines offer an easily deployed mechanism to create such a sandbox. This motivates two key questions: Are tod...

Network

Cited By