- research-article, August 2023
A hybrid alias analysis and its application to global variable protection in the Linux kernel
SEC '23: Proceedings of the 32nd USENIX Conference on Security Symposium, Article No.: 236, Pages 4211–4228
Global variables in the Linux kernel have been a common target of memory corruption attacks to achieve privilege escalation. Several potential defense mechanisms can be employed to safeguard global variables. One approach involves placing global variables ...
Demystifying the dependency challenge in kernel fuzzing
ICSE '22: Proceedings of the 44th International Conference on Software Engineering, Pages 659–671, https://doi.org/10.1145/3510003.3510126
Fuzz testing operating system kernels remains a daunting task to date. One known challenge is that much of the kernel code is locked under specific kernel states and current kernel fuzzers are not effective in exploring such an enormous state space. We ...
- research-article, December 2021
Eluding ML-based Adblockers With Actionable Adversarial Examples
- Shitong Zhu,
- Zhongjie Wang,
- Xun Chen,
- Shasha Li,
- Keyu Man,
- Umar Iqbal,
- Zhiyun Qian,
- Kevin S. Chan,
- Srikanth V. Krishnamurthy,
- Zubair Shafiq,
- Yu Hao,
- Guoren Li,
- Zheng Zhang,
- Xiaochen Zou
ACSAC '21: Proceedings of the 37th Annual Computer Security Applications Conference, Pages 541–553, https://doi.org/10.1145/3485832.3488008
Online advertisers have been quite successful in circumventing traditional adblockers that rely on manually curated rules to detect ads. As a result, adblockers have started to use machine learning (ML) classifiers for more robust detection and ...
- research-article, November 2021
Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, Pages 811–824, https://doi.org/10.1145/3460120.3484798
Static analysis is known to yield numerous false alarms when used in bug finding, especially for complex vulnerabilities in large code bases like the Linux kernel. One important class of such complex vulnerabilities is what we call "high-order taint ...
- research-article, August 2020
KOOBE: towards facilitating exploit generation of kernel out-of-bounds write vulnerabilities
SEC'20: Proceedings of the 29th USENIX Conference on Security Symposium, Article No.: 62, Pages 1093–1110
The monolithic nature of modern OS kernels leads to a constant stream of bugs being discovered. It is often unclear which of these bugs are worth fixing, as only a subset of them may be serious enough to lead to security takeovers (i.e., privilege ...