About


The Systems and Software Security (S3) Lab at The University of Texas at Dallas focuses on building new systems and automated techniques to secure our computer systems including OS kernels and the running software. We cover a wide spectrum of technology including those from hardware, architecture, virtualization, operating system, and compilers. Our emphasis is the underlying program (including source code and binary code) analysis techniques as computer systems essentially run programs, and our particularly interested applications include the protection of hypervisor and operating system kernel, the inference of binary code for vulnerability discovery and malicious behavior analysis as well as the binary code rewriting and reuse, the investigation of the cyber attacks such as intrusion detection and digital forensics, and the digital data recovery.

Since the establishment of the S3 Lab, our research has been sponsored in part by AFOSR, DARPA, NSA, NSF, Raytheon, and VMware. Their support is greatly appreciated.

Current Interests


People


Faculty

PhD Students

Master Students

Undergraduate Students

Alumni

Note

Publications


Note: these publication materials are presented to ensure a timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each paper's copyright (e.g., ACM/IEEE/USENIX/ISOC Copyright Policy).

Venue Paper Details
2018
CGO "SGX-Elide: Enabling Enclave Code Secrecy via Self-Modification". Erick Bauman, Huibo Wang, Mingwei Zhang, and Zhiqiang Lin. To appear in Proceedings of International Symposium on Code Generation and Optimization, Vienna, Austria, February 2018. [PDF][Slides][Bibtex]
NDSS "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics". Erick Bauman, Zhiqiang Lin, and Kevin Hamlen. To appear in Proceedings of the 25th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2018. [PDF][Slides][Bibtex]
NDSS "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing". Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang, Kehuan Zhang. To appear in Proceedings of the 25th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2018. [PDF][Slides][Bibtex]
SIGCSE "On the Use of Virtual Machine Introspection for Kernel Security Education". Manish Bhatt, Irfan Ahmed, and Zhiqiang Lin. To appear in Proceedings of The 49th ACM Technical Symposium on Computer Science Education, Baltimore, MD, February 2018. [PDF][Slides][Bibtex]
2017
CCS "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services". Chaoshun Zuo, Qingchuan Zhao, and Zhiqiang Lin. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex]
CCS "SGX-BigMatrix: A Practical Encrypted Data Analytic Framework With Trusted Processors". Fahad Shaon, Murat Kantarcioglu, Zhiqiang Lin, and Latifur Khan. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex]
CCS "FreeGuard: A Faster Secure Heap Allocator". Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, and Tongping Liu. In Proceedings of the 24th ACM Conference on Computer and Communications Security, Dallas, Texas. November 2017. (151/843=17.9%) [PDF][Slides][Bibtex]
RAID "Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults". Yangchun Fu, Erick Bauman, Raul Quinonez, and Zhiqiang Lin. In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses, Atlanta, Georgia. September 2017 (21/106 = 19.8%). [PDF][Slides][Bibtex]
ESORICS "Securing Data Analytics on SGX With Randomization". Swarup Chandra, Vishal Karande, Zhiqiang Lin, Latifur Khan, Murat Kantarcioglu, and Bhavani Thuraisingham. In Proceedings of the 22nd European Symposium on Research in Computer Security, Oslo, Norway. September, 2017. [PDF][Bibtex]
APSYS "Building a Security OS With Software Defined Infrastructure". Guofei Gu, Hongxin Hu, Eric Keller, Zhiqiang Lin, Donald E. Porter. In The 8th ACM SIGOPS Asia-Pacific Workshop on Systems, Mumbai, India. September, 2017. [PDF][Bibtex]
WWW "Exposing Server URLs of Mobile Apps With Selective Symbolic Execution". Chaoshun Zuo, and Zhiqiang Lin. In Proceedings of the 26th World Wide Web Conference, Perth, Australia. April 2017. (164/966=17%) [PDF][Bibtex]
ASIACCS "SGX-Log: Securing System Logs With SGX". Vishal Karande, Erick Buaman, Zhiqiang Lin, and Latifur Khan. In Proceedings of the 12th ACM Asia Conference on Computer and Communications Security, Abu Dhabi. April 2017. [PDF][Slides][Bibtex]
CODASPY "PT-CFI: Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace". Yufei Gu, Qingchuan Zhao, Yinqian Zhang, and Zhiqiang Lin. In Proceedings of the 7th ACM Conference on Data and Application Security and Privacy, Scottsdale, Arizona. March 2017. [PDF][Slides][Bibtex]
2016
ACSAC "Adaptive Encrypted Traffic Fingerprinting With Bi-Directional Dependence". Khaled Al Naami, Swarup Chandra, Ahmad Mustafa, Latifur Khan, Zhiqiang Lin, Kevin Hamlen, and Bhavani Thuraisingham. In Proceedings of the 32nd Annual Computer Security Applications Conference, Los Angelos, CA, December 2016. (48/210=22.8%) [PDF][Bibtex]
SYSTEX "A Case for Protecting Computer Games With SGX". Erick Bauman, and Zhiqiang Lin. In Proceedings of the 1st Workshop on System Software for Trusted Execution, Trento, Italy. December 2016. [PDF][Slides][Bibtex]
RAID "Detecting Stack Layout Corruptions with Robust Stack Unwinding". Yangchun Fu, Jungwhan Rhee, Zhiqiang Lin, Zhichun Li, Hui Zhang, Guofei Jiang. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Paris, France. September 2016 (21/81 = 25.9%). [PDF][Bibtex]
RAID "Automatic Uncovering of Tap Points From Kernel Executions". Junyuan Zeng, Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses, Paris, France. September 2016 (21/81 = 25.9%). [PDF][Slides][Bibtex]
CSUR "Type Inference on Executables'', Juan Caballero and Zhiqiang Lin. to appear in ACM Computing Surveys, 2016. [PDF]Bibtex]
CODASPY "Derandomizing Kernel Address Space Layout for Introspection and Forensics". Yufei Gu, and Zhiqiang Lin. To appear in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy, New Orleans, LA, March 2016. [PDF][Slides][Bibtex]
NDSS "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services"(or How to brute-force user's password when given a mobile app). Chaoshun Zuo, Wubing Wang, Rui Wang, and Zhiqiang Lin. To appear in Proceedings of the 23rd ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2016 (60/389 = 15.4%). [PDF][Slides][Bibtex]
2015
RAID "Towards Automatic Inference of Kernel Object Semantics from Binary Code". Junyuan Zeng and Zhiqiang Lin. In Proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses, Kyoto, Japan. November 2015 (28/147 = 19%). [PDF][Slides][Bibtex]
ESEC/FSE "Automatically Deriving Pointer Reference Expressions From Executions For Memory Dump Analysis". Yangchun Fu, Zhiqiang Lin, and David Brumley. In Proceedings of the 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering. BERGAMO, ITALY, September 2015. [PDF][Bibtex][Slides]
CSUR "A Survey on Hypervisor Based Monitoring: Approaches, Applications, and Evolutions'', Erick Bauman, Gbadebo Ayoade, and Zhiqiang Lin. to appear in ACM Computing Surveys, August 2015. [PDF]Bibtex]
ESORICS "A Practical Approach for Adaptive Data Structure Layout Randomization". Ping Chen, Jun Xu, Zhiqiang Lin, Dongyan Xu, Bing Mao and Peng Liu. In Proceedings of the 20th European Symposium on Research in Computer Security, Vienna, Austria, September, 2015. [PDF][Bibtex]
USENIX-SEC "You Shouldn't Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps". Jin Chen, Haibo Chen, Erick Bauman, Zhiqiang Lin, Binyu Zang, Haibing Guan. In Proceedings of the 2015 USENIX Security Symposium, Washington DC. August 2015 (67/426 = 15.7%). [PDF][Bibtex]
DSN "Enhancing Software Dependability and Security with Hardware Supported Instruction Address Space Randomization". Seung Hun Kim, Lei Xu, Ziyi Liu, Zhiqiang Lin, Won Woo Ro, and Weidong Shi . In Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Rio De Janeiro, Brazil. June 2015 [PDF][Bibtex]
ISPEC "Half a Century of Practice: Who Is Still Storing Plaintext Passwords?'' Erick Bauman, Yafeng Lu, and Zhiqiang Lin. In Proceedings of the 11th International Conference on Information Security Practice and Experience, Beijing, China. May 2015 [PDF][Bibtex]
VEE "PEMU: A Pin Highly Compatible Out-of-VM Dynamic Binary Instrumentation Framework". Junyuan Zeng, Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Istanbul, Turkey, March 2013 [PDF][Slides][Bibtex]
2014
ACSAC "MACE: High-Coverage and Robust Memory Analysis For Commodity Operating Systems". Qian Feng, Aravind Prakash, Heng Yin, and Zhiqiang Lin. In Proceedings of the 30th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2014. (19%) [PDF][Bibtex]
TDSC "On the Trustworthiness of Memory Analysis---An Empirical Study from the Perspective of Binary Execution", Aravind Prakash, Eknath Venkataramani, Heng Yin, and Zhiqiang Lin. IEEE Transactions on Dependable and Secure Computing (TDSC), October 2014. [PDF][Bibtex]
SECURECOMM "A Systematic Study of the Covert-Channel Attacks in Smartphones'' (short paper). Swarup Chandra, Zhiqiang Lin, Ashish Kundu and Latifur Khan. To appear in in Proceedings of the 10th International Conference on Security and Privacy in Communication Networks, Beijing, China. September 2014. [PDF][Bibtex]
ESORICS "SigPath: A Memory Graph Based Approach for Program Data Introspection and Modification". David Urbina, Yufei Gu, Juan Caballero, and Zhiqiang Lin. To appear in Proceedings of the 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September, 2014 (58/234 = 24.8%). [PDF][Slides][Bibtex]
RAID "GoldenEye: Efficiently and Effectively Unveiling Malware's Targeted Environment". Zhaoyan Xu, Jialong Zhang, Guofei Gu, and Zhiqiang Lin. To appear in in Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses, Gothenburg, Sweden. September 2014 (22/113 = 19.5%). [PDF][Slides][Bibtex]
USENIX-SEC "Preventing Cryptographic Key Leakage in Cloud Virtual Machines". Erman Pattuk, Murat Kantarcioglu, Zhiqiang Lin, and Huseyin Ulusoy. To appear in Proceedings of the 2014 USENIX Security Symposium, San Diego, CA, August 2014 (67/350 = 19%). [PDF][Slides][Bibtex]
USENIX-SEC "X-Force: Force-Executing Binary Programs for Security Applications". Fei Peng, Zhui Deng, Xiangyu Zhang, Dongyan Xu, Zhiqiang Lin, and Zhendong Su. To appear in Proceedings of the 2014 USENIX Security Symposium, San Diego, CA, August 2014 (67/350 = 19%). [PDF][Slides][Bibtex]
TCC "Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting". Yufei Gu, Yangchun Fu, Aravind Prakash, Zhiqiang Lin, and Heng Yin. IEEE Transactions on Cloud Computing. July 2014. [PDF][Bibtex]
USENIX-ATC "HyperShell: A Practical Hypervisor Layer Guest OS Shell for Automated In-VM Management". Yangchun Fu, Junyuan Zeng, and Zhiqiang Lin. To appear in Proceedings of the 2014 USENIX Annual Technical Conference, Philadephia, PA, June 2014 (36/205 = 14.9%). [PDF][Slides][Bibtex]
DATE "Programmable Decoder and Shadow Threads: Tolerate Remote Code Injection Exploits with Diversified Redundancy". Ziyi Liu, Weidong Shi, Shouhuai Xu, and Zhiqiang Lin. To appear in Proceedings of the 2014 Design, Automation and Test in Europe, Dresden, Germany, March 2014 (206/1090 = 23.1%). [PDF][Bibtex]
NDSS "Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization". Alireza Saberi, Yangchun Fu, and Zhiqiang Lin. To appear in Proceedings of the 21st ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2014 (55/295 = 18.6%). [PDF][Slides][Bibtex]
NDSS "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps". David Sounthiraraj, Justin Sahs, Garrett Greenwood, Zhiqiang Lin, and Latifur Khan. To appear in Proceedings of the 21st ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2014 (55/295 = 18.6%). [PDF][Slides][Bibtex]
TIFS "Data-Centric OS Kernel Malware Characterization". Junghwan Rhee, Ryan Riley, Zhiqiang Lin, Xuxian Jiang, Dongyan Xu. IEEE Transactions on Information Forensics and Security, Volume 9 Issue 1, January 2014. [PDF][Bibtex]
2013
VMTJ "Toward Guest OS Writable Virtual Machine Introspection". Zhiqiang Lin. VMware Technical Journal, 2(2), December 2013. [PDF][HTML][Bibtex]
ACSAC "Subverting System Authentication with Context-Aware, Reactive Virtual Machine Introspection". Yangchun Fu, Zhiqiang Lin, and Kevin Hamlen. In Proceedings of the 29th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2013. (19%) [PDF][Slides][Bibtex]
CCS "Obfuscation-resilient Binary Code Reuse through Trace-oriented Programming". Junyuan Zeng, Yangchun Fu, Kenneth Miller, Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 2013. (105/530=19.8%) [PDF][Slides][Bibtex]
TISSEC "Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection". Yangchun Fu, and Zhiqiang Lin. In ACM Transactions on Information and System Security (TISSEC), Volume 16 Issue 2, September 2013. [PDF][Bibtex]
ISCA "CPU Transparent Protection of OS Kernel and Hypervisor Integrity with Programmable DRAM". Ziyi Liu, Jonghyuk Lee, Junyuan Zeng, Yuanfeng Wen, Zhiqiang Lin, and Weidong Shi. In Proceedings of the 40th International Symposium on Computer Architecture, Tel-Aviv, Israel. June 2013. (56/282=19.9%) [PDF]][Bibtex]
ICDCS "AUTOVAC: Towards Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization". Zhaoyan Xu, Jialong Zhang, Guofei Gu, and Zhiqiang Lin. In Proceedings of the 33rd International Conference on Distributed Computing Systems, Philadelphia, USA. July 2013. (61/464=13%) [PDF][Bibtex]
DSN "Manipulating Semantic Values in Kernel Data Structures: Attack Assessments and Implications". Aravind Prakash, Eknath Venkataramani, Heng Yin, and Zhiqiang Lin. In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-PDS), Budapest, Hungary, June 2013 [PDF][Bibtex]
VEE "Exterior: Using a Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and Recovery". Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 9th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Houston, TX, March 2013 [PDF][Slides][Bibtex]
2012
ACSAC "Securing Untrusted Code via Compiler-Agnostic Binary Rewriting". Richard Wartel, Vishwath Mohan, Kevin Hamlen, and Zhiqiang Lin. In Proceedings of the 28th Annual Computer Security Applications Conference, Orlando, FL, December 2012. (44/231=19%) [PDF][Slides][Bibtex] (Outstanding Student Paper Award)
SOCC "OS-Sommelier: Memory-Only Operating System Fingerprinting in the Cloud". Yufei Gu, Yangchun Fu, Aravind Prakash, Zhiqiang Lin, and Heng Yin. In Proceedings of the 3rd ACM Symposium on Cloud Computing, San Jose, CA, October 2012. ((21+4)/165=15.3%) [PDF][Slides][Bibtex]
CCS "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code". Richard Wartel, Vishwath Mohan, Kevin Hamlen, and Zhiqiang Lin. In Proceedings of the 19th ACM Conference on Computer and Communications Security, Raleigh, NC, October 2012. (80/423=18.9%) [PDF][Slides][Bibtex] (This paper wins the 2nd place in the NYU-Poly AT&T Best Applied Security Paper of the Year 2012)
DFRWS "Bin-Carver: Automatic Recovery of Binary Executable Files". Scott Hand, Zhiqiang Lin, Guofei Gu, and Bhavani Thuraisingham. In Proceedings of the 12th Annual Digital Forensics Research Conference, Washington DC, August 2012 (14/47=29.8%). [PDF][Slides][Bibtex]
S&P "Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection". Yangchun Fu, and Zhiqiang Lin. In Proceedings of the 33rd IEEE Symposium on Security and Privacy, San Fransisco, CA, May 2012 (40/307=13%). [PDF][Slides][Slides-Handout][Demo][Bibtex]
NDSS "DIMSUM: Discovering Semantic Data of Interest from Un-mappable Memory with Confidence". Zhiqiang Lin, Junghwan Rhee, Chao Wu, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 19th ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2012 (46/258 = 17.8%). [PDF][Slides][Bibtex]
2011 and Before
AsiaCCS "Characterizing Kernel Malware Behavior with Kernel Data Access Patterns". Junghwan Rhee, Zhiqiang Lin, and Dongyan Xu. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, Hong Kong, March 2011 (35/217 = 16.1%).[PDF] [Bibtex]
NDSS "SigGraph: Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures". Zhiqiang Lin, Junghwan Rhee, Xiangyu Zhang, Dongyan Xu, and Xuxian Jiang. In Proceedings of the 18th Network and Distributed System Security Symposium, San Diego, CA, February 2011 (28/139 = 20.1%). [Abstract][PDF][Bibtex][Demo][Slides]
ISSTA "Strict Control Dependence and its Effect on Dynamic Information Flow Analyses". Tao Bao, Yunhui Zheng, Zhiqiang Lin, Xiangyu Zhang and Dongyan Xu. In Proceedings of the 2010 International Symposium on Software Testing and Analysis,Trento, Italy. July 2010 (24/105 = 23%). [Bibtex][PDF]
DSN "Reuse-Oriented Camouflaging Trojan: Vulnerability Detection and Attack Construction". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-DCCS), Chicago, IL, June 2010 (39/168=23.2%). [Abstract][PDF][Bibtex][Slides]
NDSS "Automatic Reverse Engineering of Data Structures from Binary Execution. Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 17th Network and Distributed System Security Symposium, San Diego, CA, February 2010 (24/156=15.4%). [Abstract][PDF][Bibtex][Slides][Demo] (Note that this paper wins the 1st place in the Poster Competition of 2010 CERIAS Annual Information Security Symposium)
TSE "Reverse Engineering Input Syntactic Structure from Program Execution and Its Applications". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. IEEE Transactions on Software Engineering. 36(5), 2010. [PDF][Bibtex]
DIMVA "Polymorphing Software by Randomizing Data Structure Layout". Zhiqiang Lin, Ryan Riley, and Dongyan Xu. In Proceedings of the 6th SIG SIDAR Conference on Detection of Intrusions and Malware and Vulnerability Assessment. Milan, Italy, July 2009 ((10+3)/44=29.5%). [Abstract][PDF][Bibtex][Code]
NDSS "IntScope: Automatically Detecting Integer Overflow Vulnerability In X86 Binary Using Symbolic Execution". Tielei Wang, Tao Wei, Zhiqiang Lin, and Wei Zou. In Proceedings of the 16th Network and Distributed System Security Symposium, San Diego, CA, February 2009 (20/171=11.7%). [Abstract][PDF][Bibtex]
FSE "Deriving Input Syntactic Structure From Execution". Zhiqiang Lin, and Xiangyu Zhang. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering. Atlanta, Georgia, USA, November 2008 (31/152=20.5%). [Abstract][PDF][Bibtex][Slides]
DSN "Convicting Exploitable Software Vulnerabilities: An Efficient Input Provenance Based Approach". Zhiqiang Lin, Xiangyu Zhang, and Dongyan Xu. In Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-DCCS), Anchorage, Alaska, USA, June 2008 (34/149=23%). [Abstract][PDF][Bibtex][Slides]
NDSS "Automatic Protocol Format Reverse Engineering Through Context-Aware Monitored Execution". Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, and Xiangyu Zhang. In Proceedings of the 15th Network and Distributed System Security Symposium,San Diego, CA, February 2008 (21/118=17.8%) [Abstract][PDF][Bibtex][Slides]
AsiaCCS "AutoPaG: Towards Automated Software Patch Generation with Source Code Root Cause Identification and Repair". Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, Bing Mao, and Li Xie. In Proceedings of ACM Symposium on InformAtion, Computer and Communications Security, Singapore, March 2007 (Acceptance ratio: 33/188=17.6%). [PDF][Bibtex][Slides]
ISC "Transparent Run-Time Prevention of Format-String Attacks via Dynamic Taint and Flexible Validation". Zhiqiang Lin, Nai Xia, Guole Li, Bing Mao, and Li Xie. In Proceedings of the 9th Information Security Conference. Greece. Sept, 2006 (Acceptance ratio: 38/188=20.2%). [PDF][Bibtex][Code]
ARES "A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities". Zhiqiang Lin, Bing Mao, and Li Xie. In Proceedings of the First International Conference on Availability, Reliability and Security. Austria. April, 2006. [PDF][Bibtex]
IAW "LibsafeXP: A Practical and Transparent Tool for Run-time Buffer Overflow Preventions". Zhiqiang Lin, Bing Mao, and Li Xie. In Proceedings of the 7th Annual IEEE Information Assurance Workshop. West Point, NY. USA. June, 2006. [PDF][Bibtex][Slides][Code]

HOME SOURCE