The automatic patch-based exploit generation problem is: given a program P and a patched
version of the program P', automatically generate an exploit for the potentially unknown …

Vulnerability exploits remain an important mechanism for malware delivery, despite efforts to
speed up the creation of patches and improvements in software updating mechanisms …

Software patching has not been effective as a first-line defense against large-scale worm
attacks, even when patches have long been available for their corresponding vulnerabilities …

We present OPUS, a tool for dynamic software patching capable of applying fixes to a C
program at runtime. OPUS's primary goal is to enable application of security patches to …

Automatic exploit generation Page 1 contributed articles 74 CoMMuniCations of the aCM |
feBRuARy 2014 | voL. 57 | No. 2 aTTacKers commonLy eXpLoIT buggy programs to break into …

Traditional software security patches often have the unfortunate side-effect of quickly alerting
attackers that their attempts to exploit patched vulnerabilities have failed. Attackers greatly …

The security level of networks and systems is determined by the software vulnerabilities of its
elements. Defending against large scale attacks requires a quantitative understanding of the …

In this paper we explore the problem of creating vulnerability signatures. A vulnerability
signature matches all exploits of a given vulnerability, even polymorphic or metamorphic …

We present ClearView, a system for automatically patching errors in deployed software.
ClearView works on stripped Windows x86 binaries without any need for source code …

Large-scale attacks, such as those launched by worms and zombie farms, pose a serious
threat to our network-centric society. Existing approaches such as software patches are …