Type inference on executables
In many applications, source code and debugging symbols of a target program are not
available, and the only thing that we can access is the program executable. A fundamental …
Enforcing Forward-Edge Control-Flow integrity in GCC & LLVM
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
Attack categorisation for IoT applications in critical infrastructures, a survey
With the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the
number of attack possibilities increases. Furthermore, with the incorporation of the IoT into …
SoK: Sanitizing for security
The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …
Typestate-guided fuzzer for discovering use-after-free vulnerabilities
Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …
Preventing Use-after-free with Dangling Pointers Nullification.
Many system components and network applications are written in languages that are prone
to memory corruption vulnerabilities. There have been countless cases where simple …
Pacmem: Enforcing spatial and temporal memory safety via arm pointer authentication
Memory safety is a key security property that stops memory corruption vulnerabilities.
Different types of memory safety enforcement solutions have been proposed and adopted by …
Pinpoint: Fast and precise sparse value flow analysis for million lines of code
When dealing with millions of lines of code, we still cannot have the cake and eat it: sparse
value-flow analysis is powerful in checking source-sink problems, but existing work cannot …
SafeDispatch: Securing C++ Virtual Calls from Memory Corruption Attacks.
Several defenses have increased the cost of traditional, low-level attacks that corrupt control
data, e.g., return addresses saved on the stack, to compromise program execution. In …
Dangsan: Scalable use-after-free detection
Use-after-free vulnerabilities due to dangling pointers are an important and growing threat to
systems security. While various solutions exist to address this problem, none of them is …