• Publications
  • Influence
Library-Level Policy Enforcement
A system that allows policy to be implemented at the library call level, which screens calls to protected functions, while allowing the implementation of a high level form of control flow integrity based on library calls is described. Expand
Efficient Monitoring of Library Call Invocation
The technique is presented by analyzing the interception of a known exploit of the NGINX server and it is shown that the mechanism can detect and contain the attack and discuss the performance overheads. Expand
Red-Zone: Towards an Intrusion Response Framework for Intra-vehicle System
An Intrusion Response System based on the Red-Zone principle is presented which meets the identified requirements and the integration of IRS through the vehicle system development and the different aspects which support such a process are discussed. Expand
MMU-based Access Control for Libraries
An updated version of the kernel-side technique, where security policies are implemented in order to identify suspicious behavior and take some action accordingly, is presented. Expand
Security for Heterogeneous Systems