Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Publications in Source-code analysis/transformation

[1]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
The Continuing Arms Race: Code-Reuse Attacks and Defenses (Morgan-Claypool and ACM Press) January, 2018.
[2]  Memory corruption mitigation via hardening and testing
Laszlo Szekeres
PhD Dissertation (Stony Brook University) May, 2017.
[3]  Extracting Instruction Semantics Via Symbolic Execution of Code Generators
Niranjan Hasabnis and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2016.
[4]  Securing Web Applications
Riccardo Pelizzi
PhD Dissertation (Stony Brook University) May, 2016.
[5]  JaTE: Transparent and Efficient JavaScript Confinement
Tung Tran, Riccardo Pelizzi and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
[6]  Automatic Generation of Assembly to IR Translators Using Compilers
Niranjan Hasabnis and R. Sekar
Workshop on Architectural and Microarchitectural Support for Binary Translation (AMAS-BT) February, 2015.
[7]  Checking Correctness of Code Generator Architecture Specifications
Niranjan Hasabnis, Rui Qiao and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) February, 2015.
[8]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
USENIX Operating System Design and Implementation (OSDI) October, 2014.
[9]  Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and R. Sekar
IEEE Security and Privacy Magazine (S&P Magazine) May, 2014.
[10]  SoK: Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and Dawn Song
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2013.
[11]  Light-weight Bounds Checking
Niranjan Hasabnis, Ashish Misra and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) April, 2012.
[12]  Taint-Enhanced Anomaly Detection
Lorenzo Cavallaro and R. Sekar
International Conference on Information Systems Security (ICISS) December, 2011.
[13]  PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs
Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens and Wouter Joosen
ACM Symposium on Information, Computer and Communications Security (ASIACCS) March, 2010.
[14]  Anomalous Taint Detection (Extended Abstract)
Lorenzo Cavallaro and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2008. (Full version available as Technical Report SECLAB08-06).
[15]  Data Space Randomization
Sandeep Bhatkar and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
[16]  On the Limits of Information Flow Techniques for Malware Analysis and Containment
Lorenzo Cavallaro, Prateek Saxena and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008. (Supercedes SECLAB07-03, November 2007).
[17]  Provably Correct Runtime Enforcement of Non-Interference Properties
V.N. Venkatakrishnan, Wei Xu, Daniel DuVarney and R. Sekar
International Conference on Information and Communications Security (ICICS) December, 2006. (Supercedes Technical Report SECLAB-04-01, Stony Brook University, March, 2004.).
[18]  Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks
Wei Xu, Sandeep Bhatkar and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2006. (An earlier version appeared as Technical Report SECLAB-05-06, November 2005. Also supercedes Technical Report SECLAB-05-05 A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities, August 2005, and Technical Report SECLAB-05-04 Practical dynamic taint analysis for countering input validation attacks on web applications, May 2005, [PDF]).
[19]  Efficient Techniques for Comprehensive Protection from Memory Error Exploits
Sandeep Bhatkar, R. Sekar and Daniel DuVarney
USENIX Security Symposium (USENIX Security) August, 2005.
[20]  An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs
Wei Xu, Daniel DuVarney and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2004.
All Publications
By Year

By Area

Source-code analysis/transformation
Binary analysis/rewriting
Policy/Specification Languages
OS and Virtualization Techniques
Algorithms
Learning/anomaly detection
Formal methods/Foundations


By Problem

Randomization/Memory Errors
Information flow analysis
Automated Exploit Defenses
Virtual Network Lab
Safe execution/attack recovery
Automated signature generation
Malware/Untrusted code defense
Intrusion/Anomaly detection
Fast packet matching
Policy generation tools


Local Search



Home Contact NSI Computer Science Stony Brook University

Copyright © 1999-2013 Secure Systems Laboratory, Stony Brook University. All rights reserved.