Binary Armoring
CodeArmor
A binary-level solution for high-frequency code re-randomization.
TypeArmor
A binary-level solution against advanced code-reuse attacks.
MvArmor
Secure and efficient Multivariant execution for binaries.
PathArmor
A practical context-sensitive CFI solution for binaries.
StackArmor
A binary-level solution against stack-based memory errors.
Binary and Malware Analysis
Disassembly
Disassembly analysis on full-Scale x86/x64 binaries.
Compiler-Agnostic Function Detection
Compiler-agnostic function detection for binaries.
Hardware Vulnerabilities
ECCploit
Rowhammer Attacks on ECC-enabled systems.
Throwhammer
Rowhammer Attacks over the Network and Defenses.
Flip Feng Shui
Cross-VM attacks abusing hardware vulnerabilities.
Drammer
Deterministic Rowhammer exploitation on mobile devices.
Mobile Security
BAndroid
How Google killed two-factor authentication.
Side Channels
Dedup Est Machina
Memory deduplication as an advanced exploitation vector.
Nowhere to Hide
Thread spraying, allocation oracles, and defenses (MemSentry).
AnC
Side channeling the MMU for breaking ASLR in the browser.
VUsion
Protecting memory deduplication against side-channel and Rowhammer attacks.
TLBleed
Employing the TLB in a novel sidechannel that doesn’t use the cache.
XLATE
XLATE (translate) attacks reprogram the MMU to mount an indirect cache attack.
RIDL
RIDL is a new class of speculative execution attacks where an attacker can steal any “in-flight” data.
Software Exploitation
Newton
Run-time gadget-discovery framework.
PIROP
Return-Oriented Programming without information disclosure.
Software Reliability
OSIRIS
Operating System with Integrated Recovery preventing Inconsistent State.
Software Testing and Sanitizers
DangSan
Scalable use-after-free detection.
SafeInit
Practical mitigation of uninitialized read vulnerabilities.
TypeSan
Practical type confusion detection.
VUzzer
Application-aware evolutionary fuzzing.
Delta Pointers
Fast buffer overflow detection without branches.
