As new attacks against Windows-based machines emerge almost on a daily basis, there is an increasing need to “lock down” individual users’ desktop machines in corporate comp...
Many current systems allow data produced by potentially malicious sources to be mounted as a file system. File system code must check this data for dangerous values or invariant ...
Junfeng Yang, Can Sar, Paul Twohey, Cristian Cadar...
Log-based recovery and replay systems are important for system reliability, debugging and postmortem analysis/recovery of malware attacks. These systems must incur low space and p...
Daniela A. S. de Oliveira, Jedidiah R. Crandall, G...
There is a growing demand for network devices capable of examining the content of data packets in order to improve network security and provide application-specific services. Most...
Accurate identification of misuse is a key factor in determining appropriate ways to protect systems. Modern intrusion detection systems often use alerts from different sources su...