Instruction-set Randomization (ISR)
Instruction-set randomization (ISR) is a technique based on randomizing the
"language" understood by a system to protect it from code-injection attacks.
Such attacks were used by many computer worms in the past, but still pose a
threat as it was confirmed by the recent Conficker worm outbreak, and the latest
exploits targeting some of Adobe's most popular products. We created a tool
that offers a fast and practical implementation of ISR that
Defending Against Code-Reuse Attacks
The wide adoption of protection mechanisms such as non-executable pages (W^X)
and Data Execution Prevention (DEP), has given rise to a new type of attacks,
known as code-reuse attacks, which achieve arbitrary code execution without the
injection of any attacker-supplied code. In this project, we aim to hinder
code-reuse attacks by breaking the assumptions that the attacker can make about
the process code image.
REASSURE: A Self-contained Mechanism for Healing Software Using Rescue Points
Software failures in server applications are a significant problem for
preserving system availability. Rescue points are a known mechanism for
recovering software from unknown faults. REASSURE is a self-containted system
that uses the Pin DBI framework to apply
You can find older projects of the group here.