Hardware support for code integrity in embedded processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Dynamic multi-process information flow tracking for web application security
Proceedings of the 2007 ACM/IFIP/USENIX international conference on Middleware companion
Security extensions for integrity and confidentiality in embedded processors
Microprocessors & Microsystems
Using Pit to improve security in low-level programs
The Journal of Supercomputing
IntPatch: automatically fix integer-overflow-to-buffer-overflow vulnerability at compile-time
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Hi-index | 0.00 |
Vulnerability research is largely driven by trends, which begin when new classes of vulnerabilities are discovered or innovative techniques for exploiting known classes of vulnerabilities are published.For example, when attackers demonstrate that they can exploit a certain type of programming error to compromise a system's security, the result is the immediate discovery of instances of that error present in software packages. In the last few years, two trends that have emerged are format-string bugs (vulnerabilities that are due to errors in the use of "printf()" functions), and heap-based memory corruption bugs (programming errors that resultin data corruption in the region of memory designated for dynamic memory allocation, or the "heap").Once techniques for exploiting these bugs were published, dozens of vulnerabilities were rapidly discovered, exploited, and fixed.