System emulation and firmware re-hosting have become popular techniques to answer
various security and performance related questions, such as determining whether a …

An effective way to maximize code coverage in software tests is through dynamic symbolic
execution-a technique that uses constraint solving to systematically explore a program's …

Dynamic binary analysis techniques play a central role to study the security of software
systems and detect vulnerabilities in a broad range of devices and applications. Over the …

Directed fuzzing focuses on automatically testing specific parts of the code by taking
advantage of additional information such as (partial) bug stack trace, patches or risky …

Man-at-the-end (MATE) attackers have full control over the system on which the attacked
software runs, and try to break the confidentiality or integrity of assets embedded in the …

The constant-time programming discipline (CT) is an efficient countermeasure against timing
side-channel attacks, requiring the control flow and the memory accesses to be independent …

This article tackles the problem of designing efficient binary-level verification for a subset of
information flow properties encompassing constant-time and secret-erasure. These …

Spectre are microarchitectural attacks which were made public in January 2018. They allow
an attacker to recover secrets by exploiting speculations. Detection of Spectre is particularly …

Software protection has taken an important place during the last decade in order to protect
legit software against reverse engineering or tampering. Virtualization is considered as one …

Software deobfuscation is a crucial activity in security analysis and especially in malware
analysis. While standard static and dynamic approaches suffer from well-known …