Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Publications in Randomization/Memory Errors

[1]  Accurate Disassembly of Complex Binaries Without Use of Compiler Metadata
Soumyakant Priyadarshan, Huan Nguyen and R. Sekar
ACM Architectural Support for Programming Languages and Operating Systems (ASPLOS) February, 2024.
[2]  SAFER: Efficient and Error-Tolerant Binary Instrumentation
Soumyakant Priyadarshan, Huan Nguyen, Rohit Chouhan and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2023.
[3]  Practical Fine-Grained Binary Code Randomization
Soumyakant Priyadarshan, Huan Nguyen and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2020. (Talk on YouTube).
[4]  On the Impact of Exception Handling Compatibility on Binary Instrumentation
Soumyakant Priyadarshan, Huan Nguyen and R. Sekar
Workshop on Forming an Ecosystem Around Software Transformation (FEAST) November, 2020.
[5]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
The Continuing Arms Race: Code-Reuse Attacks and Defenses (Morgan-Claypool and ACM Press) January, 2018.
[6]  Protecting COTS Binaries from Disclosure-guided Code Reuse Attacks
Mingwei Zhang, Michalis Polychronakis and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2017.
[7]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
USENIX Operating System Design and Implementation (OSDI) October, 2014.
[8]  Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and R. Sekar
IEEE Security and Privacy Magazine (S&P Magazine) May, 2014.
[9]  A Platform for Secure Static Binary Instrumentation
Mingwei Zhang, Rui Qiao, Niranjan Hasabnis and R. Sekar
Virtual Execution Environments (VEE) March, 2014.
[10]  Control Flow Integrity for COTS Binaries
Mingwei Zhang and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2013.
Best paper award!.
[11]  SoK: Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and Dawn Song
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2013.
[12]  Protecting Function Pointers in Binary
Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Stephen McCamant and Laszlo Szekeres
ACM Symposium on Information, Computer and Communications Security (ASIACCS) May, 2013.
[13]  Practical Control Flow Integrity and Randomization for Binary Executables
Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song and Wei Zou
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2013.
[14]  Light-weight Bounds Checking
Niranjan Hasabnis, Ashish Misra and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) April, 2012.
[15]  PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs
Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens and Wouter Joosen
ACM Symposium on Information, Computer and Communications Security (ASIACCS) March, 2010.
[16]  Online Signature Generation for Windows Systems
Lixin Li, Jim Just and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2009.
[17]  Practical Techniques for Regeneration and Immunization of COTS Applications
Lixin Li, Mark R. Cornwell, E. Hultman, Jim Just and R. Sekar
Workshop on Recent Advances on Intrusion-Tolerant Systems (WRAITS) June, 2009.
[18]  Data Space Randomization
Sandeep Bhatkar and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
[19]  Comprehensive Memory Error Protection via Diversity and Taint-Tracking
Lorenzo Cavallaro
PhD Dissertation (Stony Brook University) February, 2008.
[20]  Address-Space Randomization for Windows Systems
Lixin Li, Jim Just and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2006.
[21]  Automatic Generation of Buffer Overflow Attack Signatures: An Approach Based on Program Behavior Models
Zhenkai Liang and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2005. (Supercedes Technical Report SECLAB-05-01 An Immune System Inspired Approach for Protection from Repetitive Attacks, March 2005.).
[22]  Fast and Automated Generation of Attack Signatures: A Basis for Building Self-Protecting Servers
Zhenkai Liang and R. Sekar
ACM Conference on Computer and Communications Security (CCS) November, 2005. (Supercedes Technical Report SECLAB-05-02 Automated, Sub-second Attack Signature Generation: A Basis for Building Self-Protecting Servers, May 2005.).
[23]  Efficient Techniques for Comprehensive Protection from Memory Error Exploits
Sandeep Bhatkar, R. Sekar and Daniel DuVarney
USENIX Security Symposium (USENIX Security) August, 2005.
[24]  Automatic Synthesis of Filters to Discard Buffer Overflow Attacks: A Step Towards Realizing Self-Healing Systems (Short Paper)
Zhenkai Liang, R. Sekar and Daniel DuVarney
USENIX Annual Technical Conference (USENIX) April, 2005.
[25]  An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs
Wei Xu, Daniel DuVarney and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2004.
[26]  SELF: a Transparent Security Extension for ELF Binaries
Daniel DuVarney, V.N. Venkatakrishnan and Sandeep Bhatkar
New Security Paradigms Workshop (NSPW) August, 2003.
[27]  Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits
Sandeep Bhatkar, Daniel DuVarney and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2003.
All Publications
By Year

By Area

Source-code analysis/transformation
Binary analysis/rewriting
Policy/Specification Languages
OS and Virtualization Techniques
Algorithms
Learning/anomaly detection
Formal methods/Foundations


By Problem

Randomization/Memory Errors
Information flow analysis
Automated Exploit Defenses
Virtual Network Lab
Safe execution/attack recovery
Automated signature generation
Malware/Untrusted code defense
Intrusion/Anomaly detection
Fast packet matching
Policy generation tools


Local Search



Home Contact NSI Computer Science Stony Brook University

Copyright © 1999-2013 Secure Systems Laboratory, Stony Brook University. All rights reserved.