Reactive defense mechanisms, such as intrusion detection systems, have made significant
efforts to secure a system or network for the last several decades. However, the nature of …

Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …

Coverage-guided fuzzing is a widely used and effective solution to find software
vulnerabilities. Tracking code coverage and utilizing it to guide fuzzing are crucial to …

Intel SGX isolates the memory of security-critical applications from the untrusted OS.
However, it has been speculated that SGX may be vulnerable to side-channel attacks …

We present BranchScope-a new side-channel attack where the attacker infers the direction
of an arbitrary conditional branch instruction in a victim program by manipulating the shared …

WebAssembly is an increasingly popular compilation target designed to run code in
browsers and on other platforms safely and securely, by strictly separating code and data …

Isolating sensitive state and data can increase the security and robustness of many
applications. Examples include protecting cryptographic keys against exploits like …

Memory corruption bugs in software written in low-level languages like C or C++ are one of
the oldest problems in computer security. The lack of safety in these languages allows …

Address Space Layout Randomization (ASLR) is a widely-used technique that protects
systems against a range of attacks. ASLR works by randomizing the offset of key program …

Modern operating system kernels employ address space layout randomization (ASLR) to
prevent control-flow hijacking attacks and code-injection attacks. While kernel security relies …