Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
The advantages of machine-dependent global optimization
Proceedings of the international conference on Programming languages and system architectures
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Retargetable and reconfigurable software dynamic translation
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
Planning for code buffer management in distributed virtual execution environments
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
Instrumentation in software dynamic translators for self-managed systems
WOSS '04 Proceedings of the 1st ACM SIGSOFT workshop on Self-managed systems
BASS: a benchmark suite for evaluating architectural security systems
ACM SIGARCH Computer Architecture News
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Address obfuscation: an efficient approach to combat a board range of memory error exploits
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Preventing Memory Error Exploits with WIT
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
PEASOUP: preventing exploits against software of uncertain provenance (position paper)
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
Stack layout transformation: towards diversity for securing binary programs
Proceedings of the 34th International Conference on Software Engineering
Accelerating Dynamic Detection of Uses of Undefined Values with Static Value-Flow Analysis
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
| Hi-index | 0.00 |
Memory errors continue to be a major source of software failure. To address this issue, we present MEDS (Memory Error Detection System), a system for detecting memory errors within binary executables. The system can detect buffer overflow, uninitialized data reads, double-free, and deallocated memory access errors and vulnerabilities. It works by using static analysis to prove memory accesses safe. If a memory access cannot be proven safe, MEDS falls back to run-time analysis. The system exceeds previous work with dramatic reductions in false positives, as well as covering all memory segments (stack, static, heap).