Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

With more IoT devices entering the consumer market, it becomes imperative to detect their
security vulnerabilities before an attacker does. Existing binary analysis based approaches …

In this paper we present Mayhem, a new system for automatically finding exploitable bugs in
binary (ie, executable) programs. Every bug reported by Mayhem is accompanied by a …

While dynamic malware analysis methods generally provide better precision than purely
static methods, they have the key drawback that they can only detect malicious behavior if it …

In this paper we tackle the challenge of providing a generic security architecture for the
Android OS that can serve as a flexible and effective ecosystem to instantiate different …

Malware analysis aims to understand how malicious software carries out actions necessary
for a successful attack and identify the possible impacts of the attack. While there has been …

Use-after-free vulnerabilities are rapidly growing in popularity, especially for exploiting web
browsers. Use-after-free (and double-free) vulnerabilities are caused by a program …

Detecting differences between two binary executables (binary diffing), first derived from
patch analysis, have been widely employed in various software security analysis tasks, such …

The Megamos Crypto transponder is used in one of the most widely deployed electronic
vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and …

Cryptographic functions have been commonly abused by malware developers to hide
malicious behaviors, disguise destructive payloads, and bypass network-based firewalls …