Abstract—The number and complexity of attacks on computer systems are increasing. This growth necessitates proper defense mechanisms. Intrusion detection systems play an important role in detecting and disrupting attacks before they can compromise software. Multi-variant execution is an intrusion detection mechanism that executes several slightly different versions, called variants, of the same program in lockstep. The variants are built to have identical behavior under normal execution conditions. However, when the variants are under attack, there are detectable differences in their execution behavior. At run time, a monitor compares the behavior of the variants at certain synchronization points and raises an alarm when a discrepancy is de...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Multiprocessor SoCs are increasingly deployed in embedded systems with little or no security feature...
Multi-variant program execution is an application of n-version programming, in which several slightl...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
We present an architectural framework for systematically using automated diversity to provide high a...
We present GHUMVEE, a multi-variant execution engine for software intrusion detection. GHUMVEE trans...
Memory error exploits rank among the most serious security threats. Of the plethora of memory error ...
Host-based intrusion detection systems monitor systems in operation for significant deviations from ...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
We present GHUMVEE, a multi-variant execution engine for software intrusion detection. GHUMVEE trans...
Kernel information leak vulnerabilities are a major security threat to production systems. Attackers...
Fault injection attacks alter the intended behavior of micro-controllers, compromising their securit...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
Abstract—We present a lightweight hardware framework for providing high assurance detection and prev...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Multiprocessor SoCs are increasingly deployed in embedded systems with little or no security feature...
Multi-variant program execution is an application of n-version programming, in which several slightl...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
We present an architectural framework for systematically using automated diversity to provide high a...
We present GHUMVEE, a multi-variant execution engine for software intrusion detection. GHUMVEE trans...
Memory error exploits rank among the most serious security threats. Of the plethora of memory error ...
Host-based intrusion detection systems monitor systems in operation for significant deviations from ...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
We present GHUMVEE, a multi-variant execution engine for software intrusion detection. GHUMVEE trans...
Kernel information leak vulnerabilities are a major security threat to production systems. Attackers...
Fault injection attacks alter the intended behavior of micro-controllers, compromising their securit...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
Abstract—We present a lightweight hardware framework for providing high assurance detection and prev...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Multiprocessor SoCs are increasingly deployed in embedded systems with little or no security feature...