With the development of information technology, the border of the cyberspace gets much
broader and thus also exposes increasingly more vulnerabilities to attackers. Traditional …

In this paper, we present HOLMES, a system that implements a new approach to the
detection of Advanced and Persistent Threats (APTs). HOLMES is inspired by several case …

Fuzzing is an effective software testing technique to find bugs. Given the size and complexity
of real-world applications, modern fuzzers tend to be either scalable, but not effective in …

Data, a key asset in our data-driven economy, has fueled the emergence of a new data
trading industry. However, there are a number of limitations in conventional data trading …

Data flow analysis (eg, dynamic taint analysis) has proven to be useful for guiding fuzzers to
explore hard-to-reach code and find vulnerabilities. However, traditional taint analysis is …

We present an approach and system for real-time reconstruction of attack scenarios on an
enterprise host. To meet the scalability and real-time needs of the problem, we develop a …

We are witnessing a rapid escalation in targeted cyber-attacks called Advanced and
Persistent Threats (APTs). Carried out by skilled adversaries, these attacks take place over …

Attack graph-based methods are a promising approach towards discovering attacks and
various techniques have been proposed recently. A key limitation, however, is that …

ProTracer: towards practical provenance tracing by alternating between logging and
tainting Page 1 Please do not remove this page ProTracer: towards practical provenance …

Low-power, single-purpose embedded devices (eg, routers and IoT devices) have become
ubiquitous. While they automate and simplify many aspects of users' lives, recent large-scale …