Downloads

• Comprehensive Address Space Randomizer. A source-to-source transformer for C programs that randomizes (a) the absolute locations of objects in memory, and (b) the relative distances between objects. It provides protection from a wide range of attacks that target buffer overflows and related memory errors.
  
  
• Address-obfuscated servers. An earlier version of the above project that randomizes only absolute addresses. It does not use any source code transformations.
  
  
• TaintPolicy. A source-code transformer that instruments C programs to enable efficient fine-grained (byte-level) dynamic taint tracking for attack detection based on taint-enhanced security policies.
  
  
• Memory Safe C Compiler. A tool for runtime detection of all memory errors in C programs with reasonable runtime overheads.
  
  
• Alcatraz. A tool for isolating execution of untrusted software.
  
  
• Etrace. An extensible system call interposition framework.
  
  
• RPMShield. A tool that safeguards a system during the installation of poorly designed or malicious packages. Intuitive, high-level policies are enforced on the package installation process in order to protect against actions that may compromise system security, or potentially interfere existing packages.