Projects

Binary Armoring

CodeArmor

A binary-level solution for high-frequency code re-randomization.

TypeArmor

A binary-level solution against advanced code-reuse attacks.

MvArmor

Secure and efficient multivariant execution for binaries.

PathArmor

A practical context-sensitive CFI solution for binaries.

StackArmor

A binary-level solution against stack-based memory errors.

Binary and Malware Analysis

Disassembly

Disassembly analysis on full-scale x86/x64 binaries.

Compiler-Agnostic Function Detection

Compiler-agnostic function detection for binaries.

Hardware Vulnerabilities

Throwhammer

Rowhammer Attacks over the Network and Defenses.

Flip Feng Shui

Cross-VM attacks abusing hardware vulnerabilities.

Drammer

Deterministic Rowhammer exploitation on mobile devices.

Mobile Security

BAndroid

How Google killed two-factor authentication.

Side Channels

Dedup Est Machina

Memory deduplication as an advanced exploitation vector.

Nowhere to Hide

Thread spraying, allocation oracles, and defenses (MemSentry).

AnC

Side channeling the MMU for breaking ASLR in the browser.

VUsion

Protecting memory deduplication against side-channel and Rowhammer attacks.

TLBleed

Employing the TLB in a novel side channel that doesn’t use the cache.

XLATE

XLATE (translate) attacks reprogram the MMU to mount an indirect cache attack.

Software Exploitation

Newton

Run-time gadget-discovery framework.

PIROP

Return-Oriented Programming without information disclosure.

Software Reliability

OSIRIS

Operating System with Integrated Recovery preventing Inconsistent State.

Software Testing and Sanitizers

DangSan

Scalable use-after-free detection.

SafeInit

Practical mitigation of uninitialized read vulnerabilities.

TypeSan

Practical type confusion detection.

VUzzer

Application-aware evolutionary fuzzing.

Delta Pointers

Fast buffer overflow detection without branches.
