Security and Reliability

2010

• The 2010 IEEE Symposium on Security and Privacy

  [Malware Analysis]

  Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries
  C. Kolbitsch (*), T. Holz (*), C. Kruegel (**), E. Kirda (***)
  * Vienna University of Technology, ** University of California, Santa Barbara, *** Institute Eurecom
  Synthesizing Near-Optimal Malware Specifications from Suspicious Behaviors
  M. Fredrikson (*), M. Christodorescu (**), S. Jha (*), R. Sailer (**), X. Yan (***)
  * University of Wisconsin, ** IBM Research, *** University of California, Santa Barbara
  Identifying Dormant Functionality in Malware Programs
  P. Comparetti (*), G. Salvaneschi (**), C. Kolbitsch (*), E. Kirda (***), C. Kruegel (****), S. Zanero (**)
  * Technical University Vienna, ** Politecnico di Milano, *** Institut Eurecom, **** University of California, Santa Barbara

  [Secure Systems]

  A Proof-Carrying File System
  D. Garg and F. Pfenning
  Carnegie Mellon University
  Scalable Parametric Verification of Secure Systems: How to Verify Reference Monitors without Worrying about Data Structure Size
  J. Franklin (*), S. Chaki (*), A. Datta (*), A. Seshadri (**)
  * Carnegie Mellon University, ** IBM Research

  ---

• The 5th European Conference on Computer Systems

  [Kernel]

  Defeating Return-Oriented Rootkits With "Return-less" Kernels
  J. Li, Z. Wang, X. Jiang, M. Grace, and S. Bahram
  North Carolina State University

  ---

• The 7th USENIX Symposium on Networked Systems Design and Implementation

  [Improving MapReduce]

  Airavat: Security and Privacy for MapReduce
  I. Roy, S. Setty, A. Kilzer, V. Shmatikov, and E. Witchel
  The University of Texas at Austin

  [Malware]

  SplitScreen: Enabling Efficient, Distributed Malware Detection
  S. Cha, I. Moraru, J. Jang, J. Truelove, D. Brumley, and D. Andersen
  Carnegie Mellon University

2009

• The 20009 Annual Computer Security Applications Conference Symposium

  [Malware, Botnets and OS Security (Part 2)]

  Protecting Commodity OS Kernels from Vulnerable Device Drivers
  S. Butt (*), V. Ganapathy (*), M. Swift (**) C. Chang (*)
  * Rutgers University, ** University of Wisconsin-Madison

  ---

• The 22st ACM Symposium on Operating Systems Principles

  [Device Drivers]

  Fast Byte-granularity Software Fault Isolation
  M. Castro (*), M. Costa (*), J.P. Martin (*), M. Peinado (*), P. Akritidis (*, **), A. Donnelly (*), P. Barham (*), and R. Black (*)
  * Microsoft Research, ** Cambridge University
  Tolerating Hardware Device Failures in Software
  A. Kadav, M. Renzelmann, and M. Swift
  University of Wisconsin-Madison

  [Debugging]

  Automatically Patching Errors in Deployed Software
  J. Perkins (*), S. Kim (**), S. Larsen (***), S. Amarasinghe (*), J. Bachrach (*), M. Carbin (*), C. Pacheco (****), F. Sherwood, S. Sidiroglou (*), G. Sullivan (*****), W. Wong (******), Y. Zibin (*******), M. Ernst (********), and M. Rinard (*)
  * MIT, ** HKUST, *** VMware, Inc, **** BCG ***** BAE AIT, ****** NUS, ******* Come2Play, ******** U. of Washington

  [I/O]

  Operating Systems Transactions
  D. Porter, O. Hofmann, C. Rossbach, A. Benn, and E. Witchel
  The University of Texas at Austin

  [Kernels]

  seL4: Formal Verification of an OS Kernel
  G. Klein (*, **), K. Elphinstone (*, **), G. Heiser (*, **, ***), J. Andronick (*), D. Cock (*), P. Derrin (*), D. Elkaduwe (*, **, ****), K. Engelhardt (*, **), M. Norrish (*, *****), R. Kolanski (*, **), T. Sewell (*), H. Tuch (*, **), and S. Winwood (*, **)
  * NICTA, ** UNSW, *** Open Kernel Labs, **** University of Peradeniya, ***** ANU
  Surviving Sensor Network Software Faults
  Y. Chen (*), O. Gnawali (**), M. Kazandjieva (***), P. Levis (***), and J. Regehr (*)
  * University of Utah, ** USC, *** Stanford University

  ---

• The 16th ACM Conference on Computer and Communications Security

  [System Security]

  Robust Signatures for Kernel Data Structures
  B. Dolan-Gavitt, A. Srivastava, P. Traynor, and J. Giffin
  Georgia Institute of Technology
  
  

  ---

• The 18th USENIX Security Symposium

  [Malware Detection and Protection]

  Effective and Efficient Malware Detection at the End Host
  C. Kolbitsch (*), P. Comparetti (*), C. Kruegel (**), E. Kirda (***), X. Zhau (****), and X. Wang (****)
  * TU Vienna, ** UC Santa Barbara, *** Institute Eurecom, Sophia Antipolis, Indiana University at Bloomington
  
  

  Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanism

  R. Hund, T. Holz, and F. Freiling
  University of Mannheim

  ---

• The 2009 IEEE Symposium on Security and Privacy

  [Malicious Code]

  Native Client: A Sandbox for Portable, Untrusted x86 Native Code
  B. Yee, D. Sehr, G. Dardyk, B. Chen, R. Muth, T. Ormandy, S. Okasaka, N. Narula, and N. Fullagar
  Google
  Automatic Reverse Engineering of Malware Emulators
  M. Sharif, A. Lanzi, J. Giffin, and W. Lee
  Georgia Institute of Technology
  cf. Rotalumè: A Tool for Automatic Reverse Engineering of Malware Emulators
  M. Sharif, A. Lanzi, J. Giffin, and W. Lee
  Georgia Institute of Technology

  ---

• The 4th European Conference on Computer Systems

  [Defending against Bad Things]

  Orchestra: Intrusion Detection Using Parallel Execution and Monitoring of Program Variants in User-Space
  B. Salamat, T. Jackson, A. Gal, and M. Franz
  University of California

  [Real, Running Systems]

  First-Aid: Surviving and Preventing Memory Management Bugs during Production Runs
  Q. Gao, W. Zhang, Y. Tang, and F. Qin
  Ohio State University
  Ksplice: Automatic Rebootless Kernel Updates
  J. Arnold and M. Kaashoek
  Massachusetts Institute of Technology

  ---

• The 16th Annual Network and Distributed System Security Symposium

  [Host Security]

  IntScope: Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution
  T. Wang (*), T. Wei (*), Z. Lin (**), and W. Zou (*)
  * Peking University, ** Purdue University

2008

• The 8th USENIX Symposium on Operating Systems Design and Implementation

  [OS Architecture]

  CuriOS: Improving Reliability through Operating System Structure
  F. David, E. Chan, J. Carlyle, and R. Campbell
  University of Illinois

  [Security]

  Hardware Enforcement of Application Security Policies Using Tagged Memory
  N. Zeldovich (*), H. Kannan (**), M. Dalton (**), and C. Kozyrakis(**)
  * MIT, ** Stanford University
  
  Device Driver Safety Through a Reference Validation Mechanism
  D. Williams, P. Reynolds, K. Walsh, E. Sirer, and F. Schneider
  Cornell University

  [Various Good Things]

  Leveraging Legacy Code to Deploy Desktop Applications on the Web
  J. Douceur, J. Elson, J. Howell, and J. Lorch
  Microsoft Research

  ---

• The 15th ACM Conference on Computer and Communications Security

  [Software Security 1]

  Extending Logical Attack Graphs for Efficient Vulnerability Analysis
  D. Saha
  Motorola India Research Lab

  [System Security 2]

  Rootkit-Resistant Disks
  K. Butler, S. McLaughlin, and P. McDaniel
  Pennsylvania State University

  ---

• The 2008 IEEE Symposium on Security and Privacy

  [Attacks II]

  Cloaker: Hardware Supported Rootkit Concealment
  F. David, E. Chan, J. Carlyle, and R. Campbell
  University of Illinois at Urbana-Champaign

  ---

• The 5th USENIX Symposium on Networked Systems Design and Implementation

  [Trust]

  Detecting In-Flight Page Changes with Web Tripwires
  C. Reis (*), S. Gribble (*), T. Kohno (*), and N. Weaver (**)
  * University of Washington, ** International Computer Science Institute
  
  

  [Security]

  Wedge: Splitting Applications into Reduced-Privilege Compartments
  A. Bittau, P. Marchenko, and M. Handley, and B. Karp
  University College London

  ---

• The 17th USENIX Security Symposium

  [Network Defenses]

  ClaudAV: N-Version Antivirus in the Network Cloud
  J. Oberheide, E. Cooke, and F. Jahanian
  University of Michigan
  
  
  [Systems Security]

  Selective Versioning in a Secure Disk System

  S. Sundararaman, G. Sivahanu, and E. Zadok
  Stony Brook University

2007

• The 1st USENIX Workshop on Offensive Technologies

  [From the Metal to the Infrastructure]

  Exploiting Concurrency Vulnerabilities in System Call Wrappers
  R. Watson
  University of Cambridge

  ---

• The 4th USENIX Symposium on Networked Systems Design and Implementation

  [Tolerating Faults and Misbehavior]

  TightLip: Keeping Applications from Spilling the Beans
  A. Yumerefendi, B. Mickle, and L. Cox
  Duke University

2006

• The 15th USENIX Security Symposium

  [System Assurance]

  An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data
  N. Petroni, Jr (*), T. Fraser (*), A. Walters (**), and W. Arbaugh (*)
  * University of Maryland, ** Purdue University

  ---

• IEEE Transactions on Dependable and Secure Computing
  System Call Monitoring Using Authenticated System Calls
  M. Rajagopalan, M. Hiltunen, T. Jim, and R. Schlichting
  AT&T Labs, Inc.

2005

• The 14th USENIX Security Symposium

  [Attacks]

  Automating Mimicry Attacks Using Static Binary Analysis
  C. Kruegel (*), E. Kirda (*), D. Mutz (**), W. Robertson (**), and G. Vigna (**)
  * Technical University Vienna, ** University of California, Santa Barbara
  
  Non-Control-Data Attacks Are Realistic Threats
  S. Chen (*), J. Xu (**), E. Sezer (**), P. Gauriar (**), and R. Iyer (*)
  * University of Illinois, ** North Carolina State University
  
  

2004

• The 20th Annual Computer Security Applications Conference Symposium

  [Network Monitoring and Intrusion Detection]

  Detecting Kernel-Level Rootkits Through Binary Analysis
  C. Kruegel (*), W. Robertson (**), and G. Vigna (**)
  * Technical University Vienna, ** University of California, Santa Barbara

  ---

• The 11th Annual Network and Distributed System Security Symposium

  [Network Monitoring and Intrusion Detection]

  Ostia: A Delegating Architecture for Secure System Call Interposition
  T. Garfinkel, B. Pfaff, and M. Rosenblum
  Stanford University

  ---

• The 13th USENIX Security Symposium

  [Protecting Software I]

  Avfs: An On-Access Anti-Virus File System
  Y. Miretskiy, A. Das, C. Wright, and E. Zadok
  Stony Brook University

2003

• The 10th Annual Network and Distributed System Security Symposium

  [Network Monitoring and Intrusion Detection]

  Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools
  T. Garfinkel
  Stanford University

  ---

• The 12th USENIX Security Symposium

  [Attacks]

  Denial of Service via Algorithmic Complexity Attacks
  S. Crosby and D. Wallach
  Rice University

2002

• The 9th ACM Conference on Computer and Communications Security

  [Intrusion Detection]

  Mimicry Attacks on Host-Based Intrusion Detection Systems
  D. Wagner and P. Soto
  University of California, Berkeley