The Hardware Breakpoint (also known as watchpoint or debug) registers, hitherto was a frugally used resource in the Linux Kernel (ptrace and in-kernel debuggers being the users), with little co-operation between the users. The role of these debug registers is best exemplified in a) Nailing down the cause of memory corruption, which be tricky considering that the symptoms manifest long after the...

The last twenty years have witnessed the constant reaction of the security community to memory corruption attacks and the evolution of attacking techniques in order to circumvent the newly-deployed countermeasures. In this evolution, the heap of a process received little attention and thus today, the problem of heap overflows is largely unsolved. In this paper we present HeapSentry, a system de...

Since the 1990s, a number of anti-corruption conventions have been adopted due to pressure from international financial institutions, donor countries and governments of major industrialised nations. One of these conventions is the Anti-corruption Protocol adopted by the Southern African Development Community. This article examines this Convention against the backdrop of the principal–agent–clie...

A parallel numerical simulation algorithm is presented for fractionalorder systems involving Caputo-type derivatives, based on the AdamsBashforth-Moulton (ABM) predictor-corrector scheme. The parallel algorithm is implemented using several different approaches: a pure MPI version, a combination of MPI with OpenMP optimization and a memory saving speedup approach. All tests run on a BlueGene/P c...

Even the most advanced reverse engineering techniques and products are weak in recovering data structures in stripped binaries—binaries without symbol tables. Unfortunately, forensics and reverse engineering without data structures is exceedingly hard. We present a new solution, known as Howard, to extract data structures from C binaries without any need for symbol tables. Our results are signi...

Memory corruption vulnerabilities are endemic to unsafe languages, such as C, and they can even be found in safe languages that themselves are implemented in unsafe languages or linked with libraries implemented in unsafe languages. Robust compilation mitigates the threat of linking with memory-unsafe libraries. The source language is a Clike language, enriched with a notion of a component whic...

BinArmor is a novel technique to protect existing C binaries from memory corruption attacks on both control data and non-control data. Without access to source code, non-control data attacks cannot be detected with current techniques. Our approach hardens binaries against both kinds of overflow, without requiring the programs’ source or symbol tables. We show that BinArmor is able to stop real ...

Software exploits are one of the major threats to the Internet security. A large family of exploits works by corrupting memory of the victim process to execute malicious code. To quickly respond to these attacks, it is critical to automatically diagnose such exploits to find out how they circumvent existing defense mechanisms. Because of the complexity of the victim programs and sophistication ...

Dynamic taint analysis is a powerful technique to detect memory corruption attacks. However, with typical overheads of an order of magnitude, current implementations are not suitable for most production systems. The research question we address in this paper is whether the slow-down is a fundamental speed barrier, or an artifact of bolting information flow tracking on emulators really not desig...