Kernel modules are an integral part of most operating systems (OS) as they provide flexible ways of adding new functionalities (such as file system or hardware support) to the kernel without the need to recompile or reload the entire kernel. Aside from providing an interface between the user and the hardware, these modules maintain system security and… (More)
An interrupt descriptor table (IDT) is used by the processor to transfer the execution of a program to special software routines that handle interrupts, which might be raised during the normal course of operation by hardware or to signal exceptional conditions, such as a hardware failure. Attackers frequently modify the pointers in the IDT in order to… (More)
iii Acknowledgements I would like to thank my parents, without whom my life would not be possible. I would like to thank my brother for guiding me throughout my education. I would also like to thank my adviser and my thesis committee :-And nally, I thank the members of my research group because every graduate student needs to do so. iv To my parents.
The DHS Software Assurance (SwA) program works collaboratively with federal government and private sector partners to provide resources, tools and information to reduce the exploit potential of software. The SwA program sponsors security automation efforts that enable cost-effective, scalable processes and resources that advance the detection, prevention… (More)
In recent years process heap-based attacks have increased significantly. These attacks exploit the system under attack via the heap, typically by using a heap spraying attack. A large number of malicious files and URLs offering dangerous contents are potentially encountered every day, both by client-side and server-side applications. Static and dynamic… (More)