Publications in Source-code analysis/transformation
- [1] Code-Pointer Integrity
- Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
The Continuing Arms Race: Code-Reuse Attacks and Defenses (Morgan-Claypool and ACM Press) January, 2018.
- [2] Memory corruption mitigation via hardening and testing
- Laszlo Szekeres
PhD Dissertation (Stony Brook University) May, 2017.
- [3] Extracting Instruction Semantics Via Symbolic Execution of Code Generators
- Niranjan Hasabnis and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2016.
- [4] Securing Web Applications
- Riccardo Pelizzi
PhD Dissertation (Stony Brook University) May, 2016.
- [5] JaTE: Transparent and Efficient JavaScript Confinement
- Tung Tran, Riccardo Pelizzi and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
- [6] Automatic Generation of Assembly to IR Translators Using Compilers
- Niranjan Hasabnis and R. Sekar
Workshop on Architectural and Microarchitectural Support for Binary Translation (AMAS-BT) February, 2015.
- [7] Checking Correctness of Code Generator Architecture Specifications
- Niranjan Hasabnis, Rui Qiao and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) February, 2015.
- [8] Code-Pointer Integrity
- Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
USENIX Operating System Design and Implementation (OSDI) October, 2014.
- [9] Eternal War in Memory
- Laszlo Szekeres, Mathias Payer, Tao Wei and R. Sekar
IEEE Security and Privacy Magazine (S&P Magazine) May, 2014.
- [10] SoK: Eternal War in Memory
- Laszlo Szekeres, Mathias Payer, Tao Wei and Dawn Song
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2013.
- [11] Light-weight Bounds Checking
- Niranjan Hasabnis, Ashish Misra and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) April, 2012.
- [12] Taint-Enhanced Anomaly Detection
- Lorenzo Cavallaro and R. Sekar
International Conference on Information Systems Security (ICISS) December, 2011.
- [13] PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs
- Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens and Wouter Joosen
ACM Symposium on Information, Computer and Communications Security (ASIACCS) March, 2010.
- [14] Anomalous Taint Detection (Extended Abstract)
- Lorenzo Cavallaro and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2008. (Full version available as Technical Report SECLAB08-06).
- [15] Data Space Randomization
- Sandeep Bhatkar and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
- [16] On the Limits of Information Flow Techniques for Malware Analysis and Containment
- Lorenzo Cavallaro, Prateek Saxena and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008. (Supercedes SECLAB07-03, November 2007).
- [17] Provably Correct Runtime Enforcement of Non-Interference Properties
- V.N. Venkatakrishnan, Wei Xu, Daniel DuVarney and R. Sekar
International Conference on Information and Communications Security (ICICS) December, 2006. (Supercedes Technical Report SECLAB-04-01, Stony Brook University, March, 2004.).
- [18] Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks
- Wei Xu, Sandeep Bhatkar and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2006. (An earlier version appeared as Technical Report SECLAB-05-06, November 2005. Also supercedes Technical Report SECLAB-05-05 A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities, August 2005, and Technical Report SECLAB-05-04 Practical dynamic taint analysis for countering input validation attacks on web applications, May 2005, [PDF]).
- [19] Efficient Techniques for Comprehensive Protection from Memory Error Exploits
- Sandeep Bhatkar, R. Sekar and Daniel DuVarney
USENIX Security Symposium (USENIX Security) August, 2005.
- [20] An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs
- Wei Xu, Daniel DuVarney and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2004.
|
|