Zobrazeno 1 - 10
of 26
pro vyhledávání: '"Erik van der Kouwe"'
Publikováno v:
EUROSEC 2023: Proceedings of the 2023 European Workshop on System Security, 8-14
STARTPAGE=8;ENDPAGE=14;TITLE=EUROSEC 2023
Gorter, F, Giuffrida, C & van der Kouwe, E 2023, Enviral: Fuzzing the Environment for Evasive Malware Analysis . in EUROSEC 2023 : Proceedings of the 2023 European Workshop on System Security . Association for Computing Machinery, Inc, pp. 8-14, 16th European Workshop on Systems Security, EUROSEC 2023, Rome, Italy, 8/05/23 . https://doi.org/10.1145/3578357.3589455
STARTPAGE=8;ENDPAGE=14;TITLE=EUROSEC 2023
Gorter, F, Giuffrida, C & van der Kouwe, E 2023, Enviral: Fuzzing the Environment for Evasive Malware Analysis . in EUROSEC 2023 : Proceedings of the 2023 European Workshop on System Security . Association for Computing Machinery, Inc, pp. 8-14, 16th European Workshop on Systems Security, EUROSEC 2023, Rome, Italy, 8/05/23 . https://doi.org/10.1145/3578357.3589455
Analyzing malicious behavior is vital to effectively safeguard computer systems against malware. However, contemporary malware frequently contains evasive behavior, which allows it to hide its malicious intent from analysis. More specifically, if the
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::3c1939bcfb78dfcb2915d814f138e27a
https://doi.org/10.1145/3578357.3589455
https://doi.org/10.1145/3578357.3589455
Publikováno v:
ACSAC '22: Proceedings of the 38th Annual Computer Security Applications Conference, 375-387
STARTPAGE=375;ENDPAGE=387;TITLE=ACSAC '22
Geretto, E, Giuffrida, C, Bos, H & Van Der Kouwe, E 2022, Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots . in ACSAC '22 : Proceedings of the 38th Annual Computer Security Applications Conference . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 375-387, 38th Annual Computer Security Applications Conference, ACSAC 2022, Austin, United States, 5/12/22 . https://doi.org/10.1145/3564625.3564639
STARTPAGE=375;ENDPAGE=387;TITLE=ACSAC '22
Geretto, E, Giuffrida, C, Bos, H & Van Der Kouwe, E 2022, Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots . in ACSAC '22 : Proceedings of the 38th Annual Computer Security Applications Conference . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 375-387, 38th Annual Computer Security Applications Conference, ACSAC 2022, Austin, United States, 5/12/22 . https://doi.org/10.1145/3564625.3564639
Modern coverage-oriented fuzzers play a crucial role in vulnerability finding. While much research focuses on improving the core fuzzing techniques, some fundamental speed bottlenecks, such as the redundant computations incurred by re-executing the t
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::a94673dfbd115528484133d3854354b9
https://research.vu.nl/en/publications/9e79a9af-ef78-45e4-a722-24bc95f3f5e7
https://research.vu.nl/en/publications/9e79a9af-ef78-45e4-a722-24bc95f3f5e7
Publikováno v:
Milburn, A, Van Der Kouwe, E & Giuffrida, C 2022, Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation . in 2022 IEEE Symposium on Security and Privacy (SP) : [Proceedings] . Proceedings-IEEE Symposium on Security and Privacy, no. May, vol. 2022, Institute of Electrical and Electronics Engineers Inc., pp. 1049-1065, 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, United States, 23/05/22 . https://doi.org/10.1109/SP46214.2022.9833675
2022 IEEE Symposium on Security and Privacy (SP): [Proceedings], 1049-1065
STARTPAGE=1049;ENDPAGE=1065;TITLE=2022 IEEE Symposium on Security and Privacy (SP)
2022 IEEE Symposium on Security and Privacy (SP): [Proceedings], 1049-1065
STARTPAGE=1049;ENDPAGE=1065;TITLE=2022 IEEE Symposium on Security and Privacy (SP)
Information leakage vulnerabilities (or simply info leaks) such as out-of-bounds/uninitialized reads in the architectural or speculative domain pose a significant security threat, allowing attackers to leak sensitive data such as crypto keys. At the
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::b17788edfd00fc2bc61ad2c8e72979dc
https://hdl.handle.net/1871.1/05fa6149-2233-41e1-bab6-b6170a8d61a9
https://hdl.handle.net/1871.1/05fa6149-2233-41e1-bab6-b6170a8d61a9
Publikováno v:
51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021: [Proceedings], 363-375
STARTPAGE=363;ENDPAGE=375;TITLE=51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021
Bhat, K, Van Der Kouwe, E, Bos, H & Giuffrida, C 2021, FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection . in 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021 : [Proceedings] . Institute of Electrical and Electronics Engineers Inc., pp. 363-375, 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021, Virtual, Online, Taiwan, Province of China, 21/06/21 . https://doi.org/10.1109/DSN48987.2021.00048
DSN
STARTPAGE=363;ENDPAGE=375;TITLE=51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021
Bhat, K, Van Der Kouwe, E, Bos, H & Giuffrida, C 2021, FIRestarter: Practical Software Crash Recovery with Targeted Library-level Fault Injection . in 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021 : [Proceedings] . Institute of Electrical and Electronics Engineers Inc., pp. 363-375, 51st Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2021, Virtual, Online, Taiwan, Province of China, 21/06/21 . https://doi.org/10.1109/DSN48987.2021.00048
DSN
Despite advances in software testing, many bugs still plague deployed software, leading to crashes and thus service disruption in high-availability production applications. Existing crash recovery solutions are either limited to transient faults or r
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::7529154b3d45818aec8dd0738fca1633
https://research.vu.nl/en/publications/52c9c472-63cd-439e-93f2-db9cf8847ca5
https://research.vu.nl/en/publications/52c9c472-63cd-439e-93f2-db9cf8847ca5
Publikováno v:
ASPLOS
ASPLOS 2021: Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 743-757
STARTPAGE=743;ENDPAGE=757;TITLE=ASPLOS 2021
Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems
Duta, V, Giuffrida, C, Bos, H & Van Der Kouwe, E 2021, PIBE : Practical kernel control-flow hardening with profile-guided indirect branch elimination . in ASPLOS 2021 : Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems . International Conference on Architectural Support for Programming Languages and Operating Systems-ASPLOS, Association for Computing Machinery, pp. 743-757, 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2021, Virtual, Online, United States, 19/04/21 . https://doi.org/10.1145/3445814.3446740
ASPLOS 2021: Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, 743-757
STARTPAGE=743;ENDPAGE=757;TITLE=ASPLOS 2021
Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems
Duta, V, Giuffrida, C, Bos, H & Van Der Kouwe, E 2021, PIBE : Practical kernel control-flow hardening with profile-guided indirect branch elimination . in ASPLOS 2021 : Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems . International Conference on Architectural Support for Programming Languages and Operating Systems-ASPLOS, Association for Computing Machinery, pp. 743-757, 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2021, Virtual, Online, United States, 19/04/21 . https://doi.org/10.1145/3445814.3446740
Control-flow hijacking, which allows an attacker to execute arbitrary code, remains a dangerous software vulnerability. Control-flow hijacking in speculated or transient execution is particularly insidious as it allows attackers to leak data from ope
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::f09503908f90adfba0299b2e215eefaa
https://research.vu.nl/en/publications/2b26e535-a2a6-4627-882b-a333bb2c0e49
https://research.vu.nl/en/publications/2b26e535-a2a6-4627-882b-a333bb2c0e49
Autor:
Erik van der Kouwe
Publikováno v:
Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::9b18bb4a3cca8d771bea2e0193906a4a
https://doi.org/10.1145/3432974
https://doi.org/10.1145/3432974
Publikováno v:
Dofferhoff, R, Göebel, M, Rietveld, K & Van Der Kouwe, E 2020, IScanU: A Portable Scanner for Undocumented Instructions on RISC Processors . in 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) : [Proceedings] . Institute of Electrical and Electronics Engineers Inc., pp. 306-317, 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2020, Valencia, Spain, 29/06/20 . https://doi.org/10.1109/DSN48063.2020.00047
2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN): [Proceedings], 306-317
STARTPAGE=306;ENDPAGE=317;TITLE=2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
DSN
Proceedings 50th annual IEEE/IFIP international conference on dependable systems and networks, 306-317. IEEE
STARTPAGE=306;ENDPAGE=317;TITLE=Proceedings 50th annual IEEE/IFIP international conference on dependable systems and networks
2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN): [Proceedings], 306-317
STARTPAGE=306;ENDPAGE=317;TITLE=2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
DSN
Proceedings 50th annual IEEE/IFIP international conference on dependable systems and networks, 306-317. IEEE
STARTPAGE=306;ENDPAGE=317;TITLE=Proceedings 50th annual IEEE/IFIP international conference on dependable systems and networks
Undocumented and faulty CPU instructions can cause undefined behavior and system instability, impairing software efforts such as OS crash recovery and resilience, and system security. Although often not considered, the identification of such undocume
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::126a1b40731ec5509a8cf0405b69c5ec
https://hdl.handle.net/1871.1/fd1885aa-28a2-48ea-994c-339cb0f3b70a
https://hdl.handle.net/1871.1/fd1885aa-28a2-48ea-994c-339cb0f3b70a
Autor:
Dennis Andriesse, Thorsten Holz, Andre Pawlowski, Herbert Bos, Cristiano Giuffrida, Erik van der Kouwe, Victor van der Veen
Publikováno v:
ACSAC '19: Proceedings of the 35th Annual Computer Security Applications ConferenceDecember 2019, 97-112
STARTPAGE=97;ENDPAGE=112;TITLE=ACSAC '19
ACSAC
Pawlowski, A, van der Veen, V, Andriesse, D, van der Kouwe, E, Holz, T, Giuffrida, C & Bos, H 2019, VPS: Excavating high-level C++ constructs from low-level binaries to protect dynamic dispatching . in ACSAC '19 : Proceedings of the 35th Annual Computer Security Applications ConferenceDecember 2019 . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 97-112, 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, United States, 9/12/19 . https://doi.org/10.1145/3359789.3359797
Proceedings of the 35th Annual Computer Security Applications Conference
STARTPAGE=97;ENDPAGE=112;TITLE=ACSAC '19
ACSAC
Pawlowski, A, van der Veen, V, Andriesse, D, van der Kouwe, E, Holz, T, Giuffrida, C & Bos, H 2019, VPS: Excavating high-level C++ constructs from low-level binaries to protect dynamic dispatching . in ACSAC '19 : Proceedings of the 35th Annual Computer Security Applications ConferenceDecember 2019 . ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 97-112, 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, United States, 9/12/19 . https://doi.org/10.1145/3359789.3359797
Proceedings of the 35th Annual Computer Security Applications Conference
Polymorphism and inheritance make C++ suitable for writing complex software, but significantly increase the attack surface because the implementation relies on virtual function tables (vtables). These vtables contain function pointers that attackers
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::63b9c6900e9f1b14f6897595421cf826
https://research.vu.nl/en/publications/721872bb-727a-4ee8-91e4-86f09774e91b
https://research.vu.nl/en/publications/721872bb-727a-4ee8-91e4-86f09774e91b
Publikováno v:
CECC
Many Android applications are uploaded to app stores every day. A relatively small fraction of these applications, or apps, is malware. Several research teams developed tools which automate malware detection for apps, to keep up with the never-ending
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::2fd3697e1b6384b9cb9362003ee5125d
https://doi.org/10.1145/3360664.3360672
https://doi.org/10.1145/3360664.3360672
Publikováno v:
EuroS&P
van der Kouwe, E, Heiser, G, Andriesse, D, Bos, H & Giuffrida, C 2019, SoK: Benchmarking flaws in systems security . in 2019 IEEE European Symposium on Security and Privacy (EURO S and P) : [Proceedings] ., 8806739, Institute of Electrical and Electronics Engineers Inc., pp. 310-325, 4th IEEE European Symposium on Security and Privacy, EURO S and P 2019, Stockholm, Sweden, 17/06/19 . https://doi.org/10.1109/EuroSP.2019.00031
Proceedings-4th IEEE European Symposium on Security and Privacy, EURO S and P 2019, 310-325
STARTPAGE=310;ENDPAGE=325;TITLE=Proceedings-4th IEEE European Symposium on Security and Privacy, EURO S and P 2019
2019 IEEE European Symposium on Security and Privacy (EuroS&P)
van der Kouwe, E, Heiser, G, Andriesse, D, Bos, H & Giuffrida, C 2019, SoK: Benchmarking flaws in systems security . in 2019 IEEE European Symposium on Security and Privacy (EURO S and P) : [Proceedings] ., 8806739, Institute of Electrical and Electronics Engineers Inc., pp. 310-325, 4th IEEE European Symposium on Security and Privacy, EURO S and P 2019, Stockholm, Sweden, 17/06/19 . https://doi.org/10.1109/EuroSP.2019.00031
Proceedings-4th IEEE European Symposium on Security and Privacy, EURO S and P 2019, 310-325
STARTPAGE=310;ENDPAGE=325;TITLE=Proceedings-4th IEEE European Symposium on Security and Privacy, EURO S and P 2019
2019 IEEE European Symposium on Security and Privacy (EuroS&P)
Properly benchmarking a system is a difficult and intricate task. Even a seemingly innocuous mistake can compromise the guarantees provided by a systems security defense and threaten reproducibility and comparability. Moreover, as many modern defense
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::aff2fead62abf775c6f22adf33718822
https://doi.org/10.1109/eurosp.2019.00031
https://doi.org/10.1109/eurosp.2019.00031