A binary-level solution for high-frequency code re-randomization.
A binary-level solution against advanced code-reuse attacks.
Secure and efficient Multivariant execution for binaries.
A practical context-sensitive CFI solution for binaries.
A binary-level solution against stack-based memory errors.
Binary and Malware Analysis
Disassembly analysis on full-Scale x86/x64 binaries.
Compiler-agnostic function detection for binaries.
Rowhammer Attacks on ECC-enabled systems.
Rowhammer Attacks over the Network and Defenses.
Cross-VM attacks abusing hardware vulnerabilities.
Deterministic Rowhammer exploitation on mobile devices.
How Google killed two-factor authentication.
Memory deduplication as an advanced exploitation vector.
Thread spraying, allocation oracles, and defenses (MemSentry).
Side channeling the MMU for breaking ASLR in the browser.
Protecting memory deduplication against side-channel and Rowhammer attacks.
Employing the TLB in a novel sidechannel that doesn’t use the cache.
XLATE (translate) attacks reprogram the MMU to mount an indirect cache attack.
RIDL is a new class of speculative execution attacks where an attacker can steal any “in-flight” data.
Run-time gadget-discovery framework.
Return-Oriented Programming without information disclosure.
Operating System with Integrated Recovery preventing Inconsistent State.
Software Testing and Sanitizers
Scalable use-after-free detection.
Practical mitigation of uninitialized read vulnerabilities.
Practical type confusion detection.
Application-aware evolutionary fuzzing.
Fast buffer overflow detection without branches.