Zobrazeno 1 - 10
of 76
pro vyhledávání: '"R. C. Sekar"'
Publikováno v:
ACSAC
Despite its effectiveness against code reuse attacks, fine-grained code randomization has not been deployed widely due to compatibility as well as performance concerns. Previous techniques often needed source code access to achieve good performance,
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::90b704528d282e6d5b2062efee03b7b3
https://doi.org/10.1145/3427228.3427292
https://doi.org/10.1145/3427228.3427292
Publikováno v:
Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation.
To support C++ exception handling, compilers generate metadata that is a rich source of information about the code layout. On Linux, this metadata is also used to support stack tracing, thread cleanup and other functions. For this reason, Linux binar
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::1608284663626a4b9e072d701e9890d8
https://doi.org/10.1145/3411502.3418428
https://doi.org/10.1145/3411502.3418428
Autor:
R. C. Sekar
Publikováno v:
Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation.
Access control and information flow are the two building blocks in the design of secure software. Of the two, access control seems ubiquitous, being widely used in operating systems, databases, firewalls, servers, web applications, and so on. The suc
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::df3fa26ab3f0c582646c2d1a391532d5
https://doi.org/10.1145/3411502.3418421
https://doi.org/10.1145/3411502.3418421
Publikováno v:
IEEE Symposium on Security and Privacy
We are witnessing a rapid escalation in targeted cyber-attacks called Advanced and Persistent Threats (APTs). Carried out by skilled adversaries, these attacks take place over extended time periods, and remain undetected for months. A common approach
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::8bf5d2d8c66e6b98d29498d4a163199d
https://doi.org/10.1109/sp40000.2020.00064
https://doi.org/10.1109/sp40000.2020.00064
Publikováno v:
IEEE Symposium on Security and Privacy
In this paper, we present HOLMES, a system that implements a new approach to the detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case studies of real-world APTs that highlight some common goals of APT actors. In a n
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::9ea341135a220645152bf7bf27cd1025
http://arxiv.org/abs/1810.01594
http://arxiv.org/abs/1810.01594
Publikováno v:
ACSAC
Code diversification, combined with execute-only memory, provides an effective defense against just-in-time code reuse attacks. However, existing techniques for combining code diversification and hardware-assisted memory protections typically require
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::34f36fcb9b33d65ce85bb4a12d343de0
https://doi.org/10.1145/3134600.3134634
https://doi.org/10.1145/3134600.3134634
Autor:
Rui Qiao, R. C. Sekar
Publikováno v:
DSN
Function recognition is one of the key tasks in binary analysis, instrumentation and reverse engineering. Previous approaches for this problem have relied on matching code patterns commonly observed at the beginning and end of functions. While early
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::8a1cbbd9e0fa1dfd291ae583bddd9ffb
https://doi.org/10.1109/dsn.2017.29
https://doi.org/10.1109/dsn.2017.29
Publikováno v:
IEEE Security & Privacy. 12:45-53
Software written in low-level languages like C or C++ is prone to memory corruption bugs that allow attackers to access machines, extract information, and install malware. Real-world exploits show that all widely deployed protections can be defeated.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::a13f497a1ddcfc9b1b82c925aff33c05
https://doi.org/10.1109/msp.2014.44
https://doi.org/10.1109/msp.2014.44
Autor:
Niranjan Hasabnis, R. C. Sekar
Publikováno v:
SIGSOFT FSE
Binary analysis and instrumentation form the basis of many tools and frameworks for software debugging, security hardening, and monitoring. Accurate modeling of instruction semantics is paramount in this regard, as errors can lead to program crashes,
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::14bc68c7d825300388b517e3dfb0d62e
https://doi.org/10.1145/2950290.2950335
https://doi.org/10.1145/2950290.2950335
Publikováno v:
AsiaCCS
Infrastructure-as-a-Service (IaaS) clouds such as OpenStack consist of two kinds of nodes in their infrastructure: control nodes and compute nodes. While control nodes run all critical services, compute nodes host virtual machines of customers. Given
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::ea8c4353d48b301de23a5334f277b2d6
https://doi.org/10.1145/2897845.2897851
https://doi.org/10.1145/2897845.2897851