Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Software Downloads

  • Comprehensive Address Space Randomizer. A source-to-source transformer for C programs that randomizes (a) the absolute locations of objects in memory, and (b) the relative distances between objects. It provides protection from a wide range of attacks that target buffer overflows and related memory errors.

  • Address-obfuscated servers. An earlier version of the above project that randomizes only absolute addresses. It does not use any source code transformations.

  • TaintPolicy. A source-code transformer that instruments C programs to enable efficient fine-grained (byte-level) dynamic taint tracking for attack detection based on taint-enhanced security policies.

  • Memory Safe C Compiler. A tool for runtime detection of all memory errors in C programs with reasonable runtime overheads.

  • Alcatraz. A tool for isolating execution of untrusted software.

  • Etrace. An extensible system call interposition framework.

  • RPMShield. A tool that safeguards a system during the installation of poorly designed or malicious packages. Intuitive, high-level policies are enforced on the package installation process in order to protect against actions that may compromise system security, or potentially interfere existing packages.

Home Contact CEWIT Center for Cyber Security SFS Scholarships

Copyright © 1999-2009 Secure Systems Laboratory, Stony Brook University. All rights reserved.