Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …

Existing approaches for program debloating often use a usage profile, typically provided as
a set of inputs, for identifying the features of a program to be preserved. Specifically, given a …

Year over year, modern web applications evolve to cater to the needs of many users and
support various runtime environments. The ever-growing need to appeal to as many users …

Embedded systems have become prominent targets for cyberattacks. To exploit firmware's
memory corruption vulnerabilities, cybercriminals harvest reusable code gadgets from the …

Owing to the continued use of C (and C++), spatial safety violations (eg, buffer overflows)
still constitute one of today's most dangerous and prevalent security vulnerabilities. To …

We present an approach to lift position-independent x86-64 binaries to symbolized NASM.
Symbolization is a decompilation step that enables binary patching: functions can be …

In today's era of the Internet of Things, we are surrounded by security-and safety-critical,
network-connected devices. In parallel with the rise in attacks on such devices, we have also …

Software debloating tools seek to improve program security and performance by removing
unnecessary code, called bloat. While many techniques have been proposed, several …

As web applications grow more complicated and rely on third-party libraries to deliver new
features to their users, they become bloated with unnecessary code. This unnecessary code …

System auditing is the foundation of attack provenance to investigate root causes and
ramifications of cyber-attacks. However, provenance tracking on coarse-grained audit logs …