Given a crash dump or a kernel memory snapshot, it is often de-sirable to have a capability that can traverse its pointers to locate the root cause of the crash, or check their integrity to detect the control flow hijacks. To achieve this, one key challenge lies in how to locate where the pointers are. While locating a pointer usually requires the data structure knowledge of the corresponding program, an important advance made by this work is that we show a tech-nique of extracting address-independent data reference expressions for pointers through dynamic binary analysis. This novel pointer reference expression encodes how a pointer is accessed through the combination of a base address (usually a global variable) with certain offset and fu...
The incorrect use of pointers is one of the most common source of bugs. As a consequence, any kind o...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
Many modern defenses rely on address space layout randomization (ASLR) to efficiently hide security-...
Abstract. As dynamic kernel runtime objects are a significant source of securi-ty and reliability pr...
This paper concerns static analysis algorithms for analyzing x86 executables. The aim of the work is...
Dynamic kernel memory is difficult to analyze due to its volatile status; numerous kernel objects ar...
Increasingly complex malware continues to evade detection, stealing information, taking systems offl...
The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, i...
As dynamic kernel runtime objects are a significant source of security and reliability problems in O...
Software exploits are one of the major threats to internet security. To quickly respond to these att...
Abstract. This paper concerns static-analysis algorithms for analyzing x86 executables. The aim of t...
The rapid development in the digital world has contributed to the dramatic increase in the number of...
Various methods for memory fault detection have been developed through continuous study. However, ma...
IEEE Modern operating system kernels deploy Kernel Address Space Layout Randomization (KASLR) to mit...
Abstract—Many system components and network applications are written in languages that are prone to ...
The incorrect use of pointers is one of the most common source of bugs. As a consequence, any kind o...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
Many modern defenses rely on address space layout randomization (ASLR) to efficiently hide security-...
Abstract. As dynamic kernel runtime objects are a significant source of securi-ty and reliability pr...
This paper concerns static analysis algorithms for analyzing x86 executables. The aim of the work is...
Dynamic kernel memory is difficult to analyze due to its volatile status; numerous kernel objects ar...
Increasingly complex malware continues to evade detection, stealing information, taking systems offl...
The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, i...
As dynamic kernel runtime objects are a significant source of security and reliability problems in O...
Software exploits are one of the major threats to internet security. To quickly respond to these att...
Abstract. This paper concerns static-analysis algorithms for analyzing x86 executables. The aim of t...
The rapid development in the digital world has contributed to the dramatic increase in the number of...
Various methods for memory fault detection have been developed through continuous study. However, ma...
IEEE Modern operating system kernels deploy Kernel Address Space Layout Randomization (KASLR) to mit...
Abstract—Many system components and network applications are written in languages that are prone to ...
The incorrect use of pointers is one of the most common source of bugs. As a consequence, any kind o...
We study the applicability of pointer analysis algorithms (originally aimed at optimizing compilers)...
Many modern defenses rely on address space layout randomization (ASLR) to efficiently hide security-...