Stony Brook University Logo Department of Computer Science Stony Brook Search Button
Secure Systems Lab

Publications in Information flow analysis

[1]  Provenance-based Integrity Protection for Windows
Wai-Kit Sze and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
[2]  WebSheets: Web Applications for Non-Programmers
Riccardo Pelizzi and R. Sekar
New Security Paradigms Workshop (NSPW) September, 2015.
[3]  Towards More Usable Information Flow Policies for Contemporary Operating Systems
Wai-Kit Sze, Bhuvan Mital and R. Sekar
ACM Symposium on Access Control Models and Technologies (SACMAT) June, 2014.
Honorable mention for Best paper.
[4]  Comprehensive Integrity Protection for Desktop Linux (Demo)
Wai-Kit Sze and R. Sekar
ACM Symposium on Access Control Models and Technologies (SACMAT) June, 2014.
[5]  A Portable User-Level Approach for System-wide Integrity Protection
Wai-Kit Sze and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2013.
[6]  Protection, Usability and Improvements in Reflected XSS Filters
Riccardo Pelizzi and R. Sekar
ACM Symposium on Information, Computer and Communications Security (ASIACCS) May, 2012.
[7]  Taint-Enhanced Anomaly Detection
Lorenzo Cavallaro and R. Sekar
International Conference on Information Systems Security (ICISS) December, 2011.
[8]  An Efficient Black-box Technique for Defeating Web Application Attacks
R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2009.
[9]  Anomalous Taint Detection (Extended Abstract)
Lorenzo Cavallaro and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2008. (Full version available as Technical Report SECLAB08-06).
[10]  A Practical Technique for Containment of Untrusted Plug-ins
Prateek Saxena, R. Sekar, Mithun Iyer and Varun Puranik
Technical Report (TR) August, 2008.
[11]  On the Limits of Information Flow Techniques for Malware Analysis and Containment
Lorenzo Cavallaro, Prateek Saxena and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008. (Supercedes SECLAB07-03, November 2007).
[12]  Practical Proactive Integrity Preservation: A Basis for Malware Defense
Weiqing Sun, R. Sekar, Gaurav Poothia and Tejas Karandikar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2008.
[13]  Efficient Fine-Grained Binary Instrumentation with Applications to Taint-Tracking
Prateek Saxena, R. Sekar and Varun Puranik
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) April, 2008.
[14]  Comprehensive Memory Error Protection via Diversity and Taint-Tracking
Lorenzo Cavallaro
PhD Dissertation (Stony Brook University) February, 2008.
[15]  Static Binary Analysis And Transformation For Sandboxing Untrusted Plugins
Prateek Saxena
Master's Thesis (Stony Brook University) August, 2007.
[16]  Provably Correct Runtime Enforcement of Non-Interference Properties
V.N. Venkatakrishnan, Wei Xu, Daniel DuVarney and R. Sekar
International Conference on Information and Communications Security (ICICS) December, 2006. (Supercedes Technical Report SECLAB-04-01, Stony Brook University, March, 2004.).
[17]  Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks
Wei Xu, Sandeep Bhatkar and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2006. (An earlier version appeared as Technical Report SECLAB-05-06, November 2005. Also supercedes Technical Report SECLAB-05-05 A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities, August 2005, and Technical Report SECLAB-05-04 Practical dynamic taint analysis for countering input validation attacks on web applications, May 2005, [PDF]).
[18]  Dataflow Anomaly Detection
Sandeep Bhatkar, Abhishek Chaturvedi and R. Sekar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2006. (Supercedes Technical Report SECLAB-05-03 Improving Attack Detection in Host-Based IDS by Learning Properties of System Call Arguments, July 2005.).
All Publications
By Year

By Area

Source-code analysis/transformation
Binary analysis/rewriting
Policy/Specification Languages
OS and Virtualization Techniques
Algorithms
Learning/anomaly detection
Formal methods/Foundations


By Problem

Randomization/Memory Errors
Information flow analysis
Automated Exploit Defenses
Virtual Network Lab
Safe execution/attack recovery
Automated signature generation
Malware/Untrusted code defense
Intrusion/Anomaly detection
Fast packet matching
Policy generation tools


Local Search



Home Contact NSI Computer Science Stony Brook University

Copyright © 1999-2013 Secure Systems Laboratory, Stony Brook University. All rights reserved.