Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Publications in OS and Virtualization Techniques

[1]  Online Signature Generation for Windows Systems
Lixin Li, Jim Just and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2009.
[2]  Practical Techniques for Regeneration and Immunization of COTS Applications
Lixin Li, Mark R. Cornwell, E. Hultman, Jim Just and R. Sekar
Workshop on Recent Advances on Intrusion-Tolerant Systems (WRAITS) June, 2009.
[3]  An Efficient Black-box Technique for Defeating Web Application Attacks
R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2009.
[4]  Alcatraz: An Isolated Environment for Experimenting with Untrusted Software
Zhenkai Liang, Weiqing Sun, V.N. Venkatakrishnan and R. Sekar
ACM Transactions on Information and System Security (TISSEC) January, 2009.
[5]  Expanding Malware Defense by Securing Software Installations
Weiqing Sun, R. Sekar, Zhenkai Liang and V.N. Venkatakrishnan
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
[6]  V-NetLab: An Approach for Realizing Logically Isolated Networks for Security Experiments
Weiqing Sun, Varun Katta, Kumar Krishna and R. Sekar
Workshop on Cyber Security Experimentation and Test (in conjunction with USENIX Security) (CSET) July, 2008.
[7]  Practical Proactive Integrity Preservation: A Basis for Malware Defense
Weiqing Sun, R. Sekar, Gaurav Poothia and Tejas Karandikar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2008.
[8]  Address-Space Randomization for Windows Systems
Lixin Li, Jim Just and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2006.
[9]  Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models
Zhenkai Liang and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2005. (Supercedes Technical Report SECLAB-05-01 An Immune System Inspired Approach for Protection from Repetitive Attacks, March 2005.).
[10]  Fast and Automated Generation of Attack Signatures: A Basis for Building Self-Protecting Servers
Zhenkai Liang and R. Sekar
ACM Conference on Computer and Communications Security (CCS) November, 2005. (Supercedes Technical Report SECLAB-05-02 Automated, Sub-second Attack Signature Generation: A Basis for Building Self-Protecting Servers, May 2005.).
[11]  V-NetLab: A Cost-Effective Platform to Support Course Projects in Computer Security
Kumar Krishna, Weiqing Sun, Pratik Rana, Tianning Li and R. Sekar
Annual Colloquium for Information Systems Security Education (CISSE) June, 2005.
[12]  Automatic Synthesis of Filters to Discard Buffer Overflow Attacks: A Step Towards Realizing Self-Healing Systems (Short Paper)
Zhenkai Liang, R. Sekar and Daniel DuVarney
USENIX Annual Technical Conference (USENIX) April, 2005.
[13]  One-way Isolation: An Effective Approach for Realizing Safe Execution Environments
Weiqing Sun, Zhenkai Liang, V.N. Venkatakrishnan and R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2005. (Revised version of conference paper).
[14]  Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs
Zhenkai Liang, V.N. Venkatakrishnan and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2003. Best paper award.
[15]  Model-Carrying Code: A Practical Approach for Safe Execution of Untrusted Applications
R. Sekar, V.N. Venkatakrishnan, Samik Basu, Sandeep Bhatkar and Daniel DuVarney
ACM Symposium on Operating Systems Principles (SOSP) October, 2003.
[16]  Experiences with Specification Based Intrusion Detection System
Prem Uppuluri and R. Sekar
Recent Advances in Intrusion Detection (RAID) October, 2001.
[17]  Model-Carrying Code (MCC): A New Paradigm for Mobile-Code Security
R. Sekar, C.R. Ramakrishnan, I.V. Ramakrishnan and Scott Smolka
New Security Paradigms Workshop (NSPW) September, 2001.
[18]  A Fast Automaton-Based~Method for Detecting Anomalous Program Behaviors
R. Sekar, Mugdha Bendre, Pradeep Bollineni and Dinakar Dhurjati
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2001.
[19]  Building Survivable Systems: An Integrated Approach based on Intrusion Detection and Damage Containment
Thomas Bowen, Dana Chee, Mark Segal, R. Sekar, Tushar Shanbhag and Prem Uppuluri
DISCEX (DISCEX) February, 2000.
[20]  User-Level Infrastructure for System Call Interposition: A Platform for Intrusion Detection and Confinement
Kapil Jain and R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2000.
All Publications
By Year

By Area

Source-code analysis/transformation
Binary analysis/rewriting
Policy/Specification Languages
OS and Virtualization Techniques
Algorithms
Learning/anomaly detection
Formal methods/Foundations

By Problem

Randomization/Memory Errors
Information flow analysis
Automated Exploit Defenses
Virtual Network Lab
Safe execution/attack recovery
Automated signature generation
Malware/Untrusted code defense
Intrusion/Anomaly detection
Fast packet matching
Policy generation tools

Local Search


Home Contact CEWIT Center for Cyber Security SFS Scholarships

Copyright © 1999-2009 Secure Systems Laboratory, Stony Brook University. All rights reserved.