Learn More
Previous studies have exploited a number of noiseless covert channels in the IPv4 protocol by using some fields in the IP header including the identification, the header checksum and the padding fields. These channels can transmit covert information correctly between two Internet nodes, but will be eliminated after the adoption of the IPv6 protocol. To(More)
Due to the cost-efficient communicating manner and attractive user experience, messenger applications have dominated every smartphone in recent years. Nowadays, Address Book Matching, a new feature that helps people keep in touch with real world contacts, has been loaded in many popular messenger applications, which unfortunately as well brings severe(More)
Control Flow Integrity (CFI) is an effective technique to mitigate threats such as code-injection and code-reuse attacks in programs by protecting indirect transfers. For stripped binaries, a CFI policy has to be made conservatively due to the lack of source code level semantics. Existing binary-only CFI solutions such as BinCFI and CCFIR demonstrate the(More)
Massive Internet invasions implemented through the distributed platform fabricated by rapid diffusion of malwares, has become a significant issue in network security. We argue that the notion of “Collaborative Security” is an emerging trend in resisting distributed attacks originated from malware. Therefore, this paper proposes a new(More)
Static analysis is one of the most popular approaches of software analysis. As more and more software protects their code by transformation or encryption, then releases them at runtime dynamically, it is hard to statically analyze these protected executables because of the failure of disassembling. In this paper, we propose a novel and general technique to(More)
Border Gateway Protocol (BGP) is vulnerable to routing attacks because of the lack of inherent verification mechanism. Several secure BGP schemes have been proposed to prevent routing attacks by leveraging cryptographic verification of BGP routing updates. In this paper, we present a new type of attacks, called TIGER, which aims to invalidate the(More)