Tao Wei scite author profile

Memory corruption bugs in software written in low-level languages like C or C++ are one of the oldest problems in computer security. The lack of safety in these languages allows attackers to alter the program's behavior or take full control over it by hijacking its control flow. This problem has existed for more than 30 years and a vast number of potential solutions have been proposed, yet memory corruption attacks continue to pose a serious threat. Real world exploits show that all currently deployed protections can be defeated.This paper sheds light on the primary reasons for this by describing attacks that succeed on today's systems. We systematize the current knowledge about various protection techniques by setting up a general model for memory corruption attacks. Using this model we show what policies can stop which attacks. The model identifies weaknesses of currently deployed techniques, as well as other proposed protections enforcing stricter policies.We analyze the reasons why protection mechanisms implementing stricter polices are not deployed. To achieve wide adoption, protection mechanisms must support a multitude of features and must satisfy a host of requirements. Especially important is performance, as experience shows that only solutions whose overhead is in reasonable bounds get deployed.A comparison of different enforceable policies helps designers of new protection mechanisms in finding the balance between effectiveness (security) and efficiency. We identify some open research problems, and provide suggestions on improving the adoption of newer techniques.

show abstract

Interaction of the flavonoid hesperidin with bovine serum albumin: A fluorescence quenching study

Wang

Zhang

et al. 2007

Journal of Luminescence

402

190

View full text Add to dashboard Cite

Temperature-insensitive miniaturized fiber inline Fabry-Perot interferometer for highly sensitive refractive index measurement

et al. 2008

View full text Add to dashboard Cite

We report a miniaturized fiber inline Fabry-Perot interferometer (FPI), with an open micro-notch cavity fabricated by one-step fs laser micromachining, for highly sensitive refractive index measurement. The device was tested for measurement of the refractive indices of various liquids including isopropanol, acetone and methanol at room temperature, as well as the temperature-dependent refractive index of deionized water from 3 to 90 degrees C. The sensitivity for measurement of refractive index change of water was 1163 nm/RIU at the wavelength of 1550 nm. The temperature cross-sensitivity of the device was about 1.1x10(-6) RIU/degrees C. The small size, all-fiber structure, small temperature dependence, linear response and high sensitivity, make the device attractive for chemical and biological sensing.

show abstract

TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection

et al. 2010

View full text Add to dashboard Cite

Abstract-Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, traditional fuzz testing tools have a well-known common drawback: they are ineffective if most generated malformed inputs are rejected in the early stage of program running, especially when target programs employ checksum mechanisms to verify the integrity of inputs. In this paper, we present TaintScope, an automatic fuzzing system using dynamic taint analysis and symbolic execution techniques, to tackle the above problem. TaintScope has several novel contributions: 1) TaintScope is the first checksum-aware fuzzing tool to the best of our knowledge. It can identify checksum fields in input instances, accurately locate checksum-based integrity checks by using branch profiling techniques, and bypass such checks via control flow alteration. 2) TaintScope is a directed fuzzing tool working at X86 binary level (on both Linux and Window). Based on fine-grained dynamic taint tracing, TaintScope identifies which bytes in a well-formed input are used in security-sensitive operations (e.g., invoking system/library calls) and then focuses on modifying such bytes. Thus, generated inputs are more likely to trigger potential vulnerabilities. 3) TaintScope is fully automatic, from detecting checksum, directed fuzzing, to repairing crashed samples. It can fix checksum values in generated inputs using combined concrete and symbolic execution techniques.We evaluate TaintScope on a number of large real-world applications. Experimental results show that TaintScope can accurately locate the checksum checks in programs and dramatically improve the effectiveness of fuzz testing. TaintScope has already found 27 previously unknown vulnerabilities in several widely used applications, including Adobe Acrobat, Google Picasa, Microsoft Paint, and ImageMagick. Most of these severe vulnerabilities have been confirmed by Secunia and oCERT, and assigned CVE identifiers (such as CVE-2009-1882, CVE-2009-2688. Corresponding patches from vendors are released or in progress based on our reports.

show abstract

Incorporating Intelligence in Fog Computing for Big Data Analysis in Smart Cities

Tang

Chen

Hefferman

et al. 2017

IEEE Trans. Ind. Inf.

316

114

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Tao Wei

SoK: Eternal War in Memory

Interaction of the flavonoid hesperidin with bovine serum albumin: A fluorescence quenching study

Temperature-insensitive miniaturized fiber inline Fabry-Perot interferometer for highly sensitive refractive index measurement

TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection

Incorporating Intelligence in Fog Computing for Big Data Analysis in Smart Cities

Contact Info

Product

Resources

About