Search For:

Displaying 1-3 out of 3 total
A Symbolic Execution Framework for JavaScript
Found in: Security and Privacy, IEEE Symposium on
By Prateek Saxena, Devdatta Akhawe, Steve Hanna, Feng Mao, Stephen McCamant, Dawn Song
Issue Date:May 2010
pp. 513-528
As AJAX applications gain popularity, client-side JavaScript code is becoming increasingly complex. However, few automated vulnerability analysis tools for JavaScript exist. In this paper, we describe the first system for exploring the execution space of J...
NEA: Public Health for the Network
Found in: IEEE Internet Computing
By Steve Hanna, Susan Thomson
Issue Date:May 2010
pp. 77-80
Network Endpoint Assessment (NEA) is a set of protocols allowing an enterprise to automatically check a device's compliance with security policy when it attaches to the network. Compliance checks might specify, for example, that critical security patches a...
Emulating emulation-resistant malware
Found in: Proceedings of the 1st ACM workshop on Virtual machine security (VMSec '09)
By Dawn Song, Heng Yin, Min Gyung Kang, Stephen McCamant, Steve Hanna
Issue Date:November 2009
pp. 11-22
The authors of malware attempt to frustrate reverse engineering and analysis by creating programs that crash or otherwise behave differently when executed on an emulated platform than when executed on real hardware. In order to defeat such techniques and f...