Address space randomization is an emerging and promising method for stopping a broad range of memory corruption attacks. By randomly shifting critical memory regions at process initialization time, address space randomization converts an otherwise successful malicious attack into a benign process crash. However, existing approaches either introduce…
Remote attestation of system integrity is an essential part of trusted computing. However, current remote attestation techniques only provide integrity proofs of static properties of the system. To address this problem we present a novel remote dynamic attestation system named ReDAS (Remote Dynamic Attestation System) that provides integrity evidence for…
In biology, a vaccine is a weakened strain of a virus or bacterium that is intentionally injected into the body for the purpose of stimulating antibody production. Inspired by this idea, we propose a packet vaccine mechanism that randomizes address-like strings in packet payloads to carry out fast exploit detection, vulnerability diagnosis and…
Cyber attacks against networked computers have become relentless in recent years. The most common attack method is to exploit memory corruption vulnerabilities such as buffer overflow and format string bugs. This paper presents a technique to automatically identify both known and unknown memory corruption vulnerabilities. Based on the observation that a…
Software vulnerabilities have been the main contributing factor to Internet security problems such as fast-spreading worms. Among these software vulnerabilities, memory corruption vulnerabilities such as buffer overflow and format string bugs have been the most common ones exploited by network-based attacks. Many security countermeasures (e.g.,…
In biology, a vaccine is a weakened strain of a virus or bacterium that is intentionally injected into the body for the purpose of stimulating antibody production. Inspired by this idea, we propose a packet vaccine mechanism that randomizes address-like strings in packet payloads to carry out fast exploit detection and signature generation. An…
Understanding security bugs in a vulnerable program is a non-trivial task, even if the target program is known to be vulnerable. Though there exist debugging tools that facilitate the vulnerability analysis and debugging process, human developers still need to manually trace the program execution most of the time. This makes security debugging a difficult…