Massive software applications possess complex data structures or parse complex data
structures; in such cases, vulnerabilities in the software become inevitable. The …

The first steps in analyzing defensive malware are understanding what obfuscations are
present in real-world malware binaries, how these obfuscations hinder analysis, and how …

The aim of this chapter is to act as a primer for those wanting to learn about Runtime
Verification (RV). We start by providing an overview of the main specification languages …

Analyzing the security of closed source binaries is currently impractical for end-users, or
even developers who rely on third-party libraries. Such analysis relies on automatic …

Current Control-Flow Integrity (CFI) implementations track control edges individually,
insensitive to the context of preceding edges. Recent work demonstrates that this leaves …

Current binary-level Control-Flow Integrity (CFI) techniques are weak in determining the set
of valid targets for indirect control flow transfers on the forward edge. In particular, the lack of …

Coverage-guided fuzzing is one of the most successful approaches for discovering software
bugs and security vulnerabilities. Of its three main components:(1) test case generation,(2) …

It is well-known that static disassembly is an unsolved problem, but how much of a problem
is it in real software—for instance, for binary protection schemes? This work studies the …

Static binary rewriting has many important applications in reverse engineering, such as
patching, code reuse, and instrumentation. Binary reassembling is an efficient solution for …

Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …