Software-based fault isolation (SFI), as used in Google’s Native Client (NaCl), relies upon a conceptually simple machine-code analysis to enforce a security policy. But for com...
Greg Morrisett, Gang Tan, Joseph Tassarotti, Jean-...
Monitors have been used for real-time systems to ensure proper behavior; however, most approaches do not allow for the addition of relevant fields required to identify and react t...
This paper presents results from analyzing the vulnerability of security-critical software applications to malicious threats and anomalous events using an automated fault injectio...
Many of the bugs in distributed software modules are security vulnerabilities, the most common and also the most exploited of which are buffer overflows and they typically arise in...
This paper presents S2E, a platform for analyzing the properties and behavior of software systems. We demonstrate S2E’s use in developing practical tools for comprehensive perfo...
Vitaly Chipounov, Volodymyr Kuznetsov, George Cand...