μAFL: non-intrusive feedback-driven fuzzing for microcontroller firmware

W Li, J Shi, F Li, J Lin, W Wang, L Guan - Proceedings of the 44th …, 2022 - dl.acm.org
Fuzzing is one of the most effective approaches to finding software flaws. However, applying
it to microcontroller firmware incurs many challenges. For example, rehosting-based …

Happer: Unpacking android apps via a hardware-assisted approach

L Xue, H Zhou, X Luo, Y Zhou, Y Shi… - … IEEE Symposium on …, 2021 - ieeexplore.ieee.org
Malware authors are abusing packers (or runtime-based obfuscators) to protect malicious
apps from being analyzed. Although many unpacking tools have been proposed, they can …

NCScope: hardware-assisted analyzer for native code in Android apps

H Zhou, S Wu, X Luo, T Wang, Y Zhou… - Proceedings of the 31st …, 2022 - dl.acm.org
More and more Android apps implement their functionalities in native code, so does
malware. Although various approaches have been designed to analyze the native code …

Retrofitting LBR Profiling to Enhance Virtual Machine Introspection

W Liu, X Liu, Z Li, B Liu, R Yu… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Cloud attack provenance is a well-established industrial practice for assuring transparency
and accountability for a service provider to tenants. However, the multi-tenancy and self …

Hyperdbg: Reinventing hardware-assisted debugging

MS Karvandi, MH Gholamrezaei… - Proceedings of the …, 2022 - dl.acm.org
Software analysis, debugging, and reverse engineering have a crucial impact in today's
software industry. Efficient and stealthy debuggers are especially relevant for malware …

A practical approach for finding anti-debugging routines in the Arm-Linux using hardware tracing

Y Park, S Choi, UY Choi, H Jin, NHM Nor, Y Park - Scientific Reports, 2024 - nature.com
As IoT devices are being widely used, malicious code is increasingly appearing in Linux
environments. Sophisticated Linux malware employs various evasive techniques to deter …

BoKASAN: Binary-only Kernel Address Sanitizer for Effective Kernel Fuzzing

M Cho, D An, H Jin, T Kwon - 32nd USENIX Security Symposium …, 2023 - usenix.org
Kernel Address Sanitizer (KASAN), an invaluable tool for finding use-after-free and out-of-
bounds bugs in the Linux kernel, needs the kernel source for compile-time instrumentation …

Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features

Y Zhang, Y Hu, H Li, W Shi, Z Ning, X Luo… - Proceedings of the 32nd …, 2023 - dl.acm.org
Failure diagnosis in practical systems is difficult, and the main obstacle is that the
information a developer has access to is limited. This information is usually not enough to …

Armor: Protecting Software Against Hardware Tracing Techniques

T Yue, F Zhang, Z Ning, P Wang, X Zhou… - IEEE Transactions …, 2024 - ieeexplore.ieee.org
Many modern processors have embedded hardware tracing techniques (e.g., Intel Processor
Trace or ARM CoreSight). While these techniques are widely used due to their transparency …

The Reversing Machine: Reconstructing Memory Assumptions

MS Karvandi, S Meghdadizanjani, S Arasteh… - arXiv preprint arXiv …, 2024 - arxiv.org
Existing anti-malware software and reverse engineering toolkits struggle with stealthy sub-
OS rootkits due to limitations of run-time kernel-level monitoring. A malicious kernel-level …