Learn More
The increasing popularity of Google's mobile platform Android makes it the prime target of the latest surge in mobile malware. Most research on enhancing the plat-form's security and privacy controls requires extensive modification to the operating system, which has significant usability issues and hinders efforts for widespread adoption. We develop a novel(More)
We introduce Eureka, a framework for enabling static analysis on Internet malware binaries. Eureka incorporates a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. The Eureka framework uniquely distinguishes itself from prior work by providing effective evaluation metrics and techniques to assess the(More)
We present an analysis of the iKee.B (duh) Apple iPhone bot client, captured on November 25, 2009. The bot client was released throughout several countries in Europe, with the initial purpose of coordinating its infected iPhones via a Lithuanian botnet server. This report details the logic and function of iKee's scripts, its configuration files, and its two(More)
When proving invariance properties of programs one is faced with two problems. The rst problem is related to the necessity of proving tautologies of the considered assertion language, whereas the second manifests in the need of nding suuciently strong invariants. This paper focuses on the second problem and describes techniques for the automatic generation(More)
Our goal is to use a theorem prover in order to verify in-variance properties of distributed systems in a \model checking like" manner. A system S is described by a set of sequential components, each one given by a transition relation and a predicate Init deening the set of initial states. In order to verify that P is an invariant of S, we try to compute,(More)
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises functionally redundant COTS servers running on diverse operating systems and platforms , hardened intrusion-tolerance proxies that mediate client requests and verify the(More)