Malware dynamic analysis evasion techniques: A survey
The cyber world is plagued with ever-evolving malware that readily infiltrate all defense
mechanisms, operate viciously unbeknownst to the user, and surreptitiously exfiltrate …
A survey and evaluation of android-based malware evasion techniques and detection frameworks
Android platform security is an active area of research where malware detection techniques
continuously evolve to identify novel malware and improve the timely and accurate detection …
Retrowrite: Statically instrumenting COTS binaries for fuzzing and sanitization
Analyzing the security of closed source binaries is currently impractical for end-users, or
even developers who rely on third-party libraries. Such analysis relies on automatic …
An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
It is well-known that static disassembly is an unsolved problem, but how much of a problem
is it in real software—for instance, for binary protection schemes? This work studies the …
Hercule: Attack story reconstruction via community discovery on correlated log graph
Advanced cyber attacks consist of multiple stages aimed at being stealthy and elusive. Such
attack patterns leave their footprints spatio-temporally dispersed across many different logs …
A survey on automated dynamic malware analysis evasion and counter-evasion: PC, mobile, and web
Automated dynamic malware analysis systems are important in combating the proliferation
of modern malware. Unfortunately, malware can often easily detect and evade these …
Binary code is not easy
Binary code analysis is an enabling technique for many applications. Modern compilers and
run-time libraries have introduced significant complexities to binary code, which negatively …
Does every second count? time-based evolution of malware behavior in sandboxes
The amount of time in which a sample is executed is one of the key parameters of a malware
analysis sandbox. Setting the threshold too high hinders the scalability and reduces the …
An inside look into the practice of malware analysis
Malware analysis aims to understand how malicious software carries out actions necessary
for a successful attack and identify the possible impacts of the attack. While there has been …
Mc2: Rigorous and efficient directed greybox fuzzing
Directed greybox fuzzing is a popular technique for targeted software testing that seeks to
find inputs that reach a set of target sites in a program. Most existing directed greybox …