We present a static control-flow analysis for JavaScript programs running in a web browser.
Our analysis tackles numerous challenges posed by modern web applications including …

Computer security systems protect computers and networks from unauthorized use by
external agents and insiders. The similarities between computer security and the problem of …

We present FRAPpuccino (or FRAP), a provenance-based fault detection mechanism for
Platform as a Service (PaaS) users, who run many instances of an application on a large …

The Insider threat is minimally addressed by current information security practices, yet the
insider poses the most serious threat to organization through various malicious activities …

Abstract The integration of Cyber-Physical Systems in the industrial domain has become
indispensable for Industry 4.0. Unfortunately, as the interconnectivity among them increases …

Program anomaly detection analyzes normal program behaviors and discovers aberrant
executions caused by attacks, misconfigurations, program bugs, and unusual usage …

New strains of distributed denial-of-service (DDoS) attacks have exhibited potential to
disconnect communication networks, even cutting off entire countries from the Internet. The …

Network-connected embedded systems grow on a large scale as a critical part of Internet of
Things, and these systems are under the risk of increasing malware. Anomaly-based …

Intertwined developments between program attacks and defenses witness the evolution of
program anomaly detection methods. Emerging categories of program attacks, eg, non …

We propose a syscall-based anomaly detection system that incorporates both deterministic
and stochastic models. We analyze in detail two alternative approaches for anomaly …