Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Research on Defenses Against Untrusted Code and Malware

Related Publications

[1]  Extracting Instruction Semantics Via Symbolic Execution of Code Generators
Niranjan Hasabnis and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2016.
[2]  Hardening OpenStack Cloud Platforms against Compute Node Compromises
Wai-Kit Sze, Abhinav Srivastava and R. Sekar
ACM Symposium on Information, Computer and Communications Security (ASIACCS) May, 2016.
[3]  Lifting Assembly to Intermediate Representation: A Novel Approach Leveraging Compilers
Niranjan Hasabnis and R. Sekar
ACM Architectural Support for Programming Languages and Operating Systems (ASPLOS) April, 2016.
[4]  JaTE: Transparent and Efficient JavaScript Confinement
Tung Tran, Riccardo Pelizzi and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
[5]  Provenance-based Integrity Protection for Windows
Wai-Kit Sze and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
[6]  Harbormaster: Policy Enforcement for Containers
Mingwei Zhang, Daniel Marino and Petros Efstathopoulos
IEEE CloudCom (CloudCom) November, 2015.
[7]  WebSheets: Web Applications for Non-Programmers
Riccardo Pelizzi and R. Sekar
New Security Paradigms Workshop (NSPW) September, 2015.
[8]  Automatic Generation of Assembly to IR Translators Using Compilers
Niranjan Hasabnis and R. Sekar
Workshop on Architectural and Microarchitectural Support for Binary Translation (AMAS-BT) February, 2015.
[9]  Towards More Usable Information Flow Policies for Contemporary Operating Systems
Wai-Kit Sze, Bhuvan Mital and R. Sekar
ACM Symposium on Access Control Models and Technologies (SACMAT) June, 2014.
Honorable mention for Best paper.
[10]  Comprehensive Integrity Protection for Desktop Linux (Demo)
Wai-Kit Sze and R. Sekar
ACM Symposium on Access Control Models and Technologies (SACMAT) June, 2014.
[11]  A Portable User-Level Approach for System-wide Integrity Protection
Wai-Kit Sze and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2013.
[12]  Alcatraz: An Isolated Environment for Experimenting with Untrusted Software
Zhenkai Liang, Weiqing Sun, V.N. Venkatakrishnan and R. Sekar
ACM Transactions on Information and System Security (TISSEC) January, 2009.
[13]  A Practical Technique for Containment of Untrusted Plug-ins
Prateek Saxena, R. Sekar, Mithun Iyer and Varun Puranik
Technical Report (TR) August, 2008.
[14]  Expanding Malware Defense by Securing Software Installations
Weiqing Sun, R. Sekar, Zhenkai Liang and V.N. Venkatakrishnan
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
[15]  V-NetLab: An Approach for Realizing Logically Isolated Networks for Security Experiments
Weiqing Sun, Varun Katta, Kumar Krishna and R. Sekar
Workshop on Cyber Security Experimentation and Test (in conjunction with USENIX Security) (CSET) July, 2008.
[16]  On the Limits of Information Flow Techniques for Malware Analysis and Containment
Lorenzo Cavallaro, Prateek Saxena and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008. (Supercedes SECLAB07-03, November 2007).
[17]  Practical Proactive Integrity Preservation: A Basis for Malware Defense
Weiqing Sun, R. Sekar, Gaurav Poothia and Tejas Karandikar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2008.
[18]  Static Binary Analysis And Transformation For Sandboxing Untrusted Plugins
Prateek Saxena
Master's Thesis (Stony Brook University) August, 2007.
[19]  MCC End-User Management Framework
Secure Systems Lab
Technical Report (TR) August, 2006. Technical Report SECLAB06-01, Secure Systems Laboratory, Stony Brook University.
[20]  One-way Isolation: An Effective Approach for Realizing Safe Execution Environments
Weiqing Sun, Zhenkai Liang, V.N. Venkatakrishnan and R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2005. (Revised version of conference paper).
[21]  Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs
Zhenkai Liang, V.N. Venkatakrishnan and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2003. Best paper award.
[22]  Model-Carrying Code: A Practical Approach for Safe Execution of Untrusted Applications
R. Sekar, V.N. Venkatakrishnan, Samik Basu, Sandeep Bhatkar and Daniel DuVarney
ACM Symposium on Operating Systems Principles (SOSP) October, 2003.
[23]  An approach for Secure Software Installation
V.N. Venkatakrishnan, R. Sekar, Sofia Tsipa, Tapan Kamat and Zhenkai Liang
USENIX Large Installation System Administration Conference (LISA) November, 2002.
[24]  Empowering mobile code using expressive security policies
V.N. Venkatakrishnan, Ram Peri and R. Sekar
New Security Paradigms Workshop (NSPW) September, 2002.
[25]  Model-Carrying Code (MCC): A New Paradigm for Mobile-Code Security
R. Sekar, C.R. Ramakrishnan, I.V. Ramakrishnan and Scott Smolka
New Security Paradigms Workshop (NSPW) September, 2001.
[26]  User-Level Infrastructure for System Call Interposition: A Platform for Intrusion Detection and Confinement
Kapil Jain and R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2000.
Overview

Research Areas

Source-code analysis/transformation
Binary analysis/rewriting
Policy/Specification Languages
OS and Virtualization Techniques
Algorithms
Learning/anomaly detection
Formal methods/Foundations


Research Problems

Randomization/Memory Errors
Information flow analysis
Automated Exploit Defenses
Virtual Network Lab
Safe execution/attack recovery
Automated signature generation
Malware/Untrusted code defense
Intrusion/Anomaly detection
Fast packet matching
Policy generation tools


Local Search



Home Contact NSI Computer Science Stony Brook University

Copyright © 1999-2013 Secure Systems Laboratory, Stony Brook University. All rights reserved.