A taxonomy of botnet behavior, detection, and defense
S Khattak, NR Ramay, KR Khan… - … surveys & tutorials, 2013 - ieeexplore.ieee.org
A number of detection and defense mechanisms have emerged in the last decade to tackle
the botnet phenomenon. It is important to organize this knowledge to better understand the …
Survey and taxonomy of botnet research through life-cycle
Of all current threats to cybersecurity, botnets are at the top of the list. In consequence,
interest in this problem is increasing rapidly among the research community and the number …
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing.
With more IoT devices entering the consumer market, it becomes imperative to detect their
security vulnerabilities before an attacker does. Existing binary analysis based approaches …
Paybreak: Defense against cryptographic ransomware
Similar to criminals in the physical world, cyber-criminals use a variety of illegal and immoral
means to achieve monetary gains. Recently, malware known as ransomware started to …
TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection
Fuzz testing has proven successful in finding security vulnerabilities in large programs.
However, traditional fuzz testing tools have a well-known common drawback: they are …
Flexible and fine-grained mandatory access control on android for diverse security and privacy policies
In this paper we tackle the challenge of providing a generic security architecture for the
Android OS that can serve as a flexible and effective ecosystem to instantiate different …
Prudent practices for designing malware experiments: Status quo and outlook
Malware researchers rely on the observation of malicious code in execution to collect
datasets for a wide array of experiments, including generation of detection models, study of …
Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities
Use-after-free vulnerabilities are rapidly growing in popularity, especially for exploiting web
browsers. Use-after-free (and double-free) vulnerabilities are caused by a program …
StateFormer: fine-grained type recovery from binaries using generative state modeling
Binary type inference is a critical reverse engineering task supporting many security
applications, including vulnerability analysis, binary hardening, forensics, and …
Inference and analysis of formal models of botnet command and control protocols
We propose a novel approach to infer protocol state machines in the realistic high-latency
network setting, and apply it to the analysis of botnet Command and Control (C&C) …