Members Publications Software

Comprehensive Address Space Randomizer  (Project Homepage)
A source-to-source transformer for C programs that randomizes (a) the absolute locations of objects in memory, and (b) the relative distances between objects. It provides protection from a wide range of attacks that target buffer overflows and related memory errors.

Address-obfuscated servers (Project Homepage)
An earlier version of the above project that randomizes only absolute addresses. It does not use any source code transformations.

Memory Safe C Compiler (Project Homepage)
A tool for runtime detection of all memory errors in C programs with reasonable runtime overheads.

Alcatraz (Project Homepage)
A tool for isolated execution of untrusted software. Alcatraz is ideal for:
  • Running untrusted code (e.g., downloaded/mobile code) without worrying about damages to your system
  • Trying out new (versions of) software before installing them on your system

Tracer (Project Hompage)
An extensible system call interposition framework.

RPMShield  (Project Homepage)
A tool that safeguards a system during the installation of poorly designed or malicious packages. Intuitive, high-level policies are enforced on the package installation process in order to protect against actions that may compromise system security, or potentially interfere existing packages.


Last updated: Dec 08, 2005
Suggestions, comments or questions: contact R. Sekar (