Although malicious software (malware) has been around since the early days of computers,
the sophistication and innovation of malware has increased over the years. In particular, the …

The first steps in analyzing defensive malware are understanding what obfuscations are
present in real-world malware binaries, how these obfuscations hinder analysis, and how …

Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

Intel's Software Guard Extensions (SGX) promises an isolated execution environment,
protected from all software running on the machine. As such, numerous works have sought …

AddressSanitizer: A Fast Address Sanity Checker Page 1 AddressSanitizer: A Fast Address
Sanity Checker Konstantin Serebryany, Derek Bruening, Alexander Potapenko, Dmitry …

As networked embedded systems are becoming more ubiquitous, their security is becoming
critical to our daily life. While manual or automated large scale analysis of those systems …

Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …

Analyzing the security of closed source binaries is currently impractical for end-users, or
even developers who rely on third-party libraries. Such analysis relies on automatic …

Robust and powerful software instrumentation tools are essential for program analysis tasks
such as profiling, performance evaluation, and bug detection. To meet this need, we have …

Dynamic binary instrumentation (DBI) frameworks make it easy to build dynamic binary
analysis (DBA) tools such as checkers and profilers. Much of the focus on DBI frameworks …