Advanced Persistent Threats (APTs) are difficult to detect due to their" low-and-slow" attack
patterns and frequent use of zero-day exploits. We present UNICORN, an anomaly-based …

Smartphones are steadily gaining popularity, creating new application areas as their
capabilities increase in terms of computational power, sensors and communication …

In recent years, researchers have proposed systems for running trusted code on an
untrusted operating system. Protection mechanisms deployed by such systems keep a …

We describe a new, general approach for safeguarding systems against any type of code-
injection attack. We apply Kerckhoff's principle, by creating process-specific randomized …

Dune is a system that provides applications with direct but safe access to hardware features
such as ring protection, page tables, and tagged TLBs, while preserving the existing OS …

We present a practical protection mechanism against SQL injection attacks. Such attacks
target databases that are accessible through a web front-end, and take advantage of flaws in …

Copilot is a coprocessor-based kernel integrity monitor for commodity systems. Copilot is
designed to detect malicious modifications to a host's kernel and has correctly detected the …

We introduce a system that eliminates the need to run programs in privileged process
contexts. Using our system, programs run unprivileged but may execute certain operations …

Introspection has featured prominently in many recent security solutions, such as virtual
machine-based intrusion detection, forensic memory analysis, and low-artifact malware …

The present research deals with audio events detection in noisy environments for a
multimedia surveillance application. In surveillance or homeland security most of the …