We describe Instruction-Set Randomization (ISR), a general approach for safeguarding systems against any type of code-injection attack. We apply Kerckhoffs' principle to creat...
Stephen W. Boyd, Gaurav S. Kc, Michael E. Locasto,...
Since web applications are easily accessible, and often store a large amount of sensitive user information, they are a common target for attackers. In particular, attacks that foc...
Muath Alkhalaf, Shauvik Roy Choudhary, Mattia Fazz...
In recent years, more than 200 viruses have been reported to use a peer-to-peer (P2P) file-sharing network as a propagation vector. Disguised as files that are frequently exchan...
Spyware is an increasing problem. Interestingly, many programs carrying spyware honestly disclose the activities of the software, but users install the software anyway. We report ...
Nathaniel Good, Jens Grossklags, Deirdre K. Mullig...
Memory bugs in C/C++ programs severely affect system availability and security. This paper presents First-Aid, a lightweight runtime system that survives software failures caused ...