To support the integration of existing programs into multidisciplinary applications, we have constructed the Multidisciplinary Application Runtime System (MARS). MARS supports legacy code integration, heterogeneous execution environments, conditional execution ows, dynamic module invocation and realignment, and dynamic binding of I/O paths. It also provides a simple speci cation language to scr...

Character behaviors in computer role-playing games have a significant impact on game-play, but are often difficult for game authors to implement and adapt. We present a behavior model that requires no manual script writing. In this model, behaviors can be interrupted and resumed, they can transition to other behaviors depending on game events, and they can be chosen based on motivations. We hav...

With the help of rich web client technologies, developers are creating rich internet applications in response to end users' growing demand in richer web experiences. However, most of these technologies are fat client based. That is, to enable rich user interfaces, application code, whether binary or script, must be downloaded and executed on the client side. In this paper, we propose a thin cli...

A robust architecture against network intrusions plays a main role for information security and service reliability. An intruder that obtains an unauthorized access to a remote system could read restricted information or hide this access for future and eventually more dangerous actions. Temporary intrusions can become permanent (i.e., resistant to reboots) if malicious code is installed in a sy...

The C-patrol system is a simple but powerful CASE tool for C software systems. The heart of the proposed prototype is the labeled code system, a procedure-like mechanism that invokes blocks of code through a database-like associative system rather than through explicit procedure names. The C-patrol design resolves several di cult issues in enforcing object-oriented invariants in a language that...

Signature-based malware detection is a very fundamental technique that detects malware by generating signatures. The detection however, is unable to detect obfuscated malware unless pre-generated signature is stored in the database. In this paper, we propose a combination of known packer detection, unpacking module, and heuristic scanning techniques to find and block a malicious program before ...

In recent years, JavaScript-based attacks have become one of the most common and successful types of attack. Existing techniques for detecting malicious JavaScripts could fail for different reasons. Some techniques are tailored on specific kinds of attacks, and are ineffective for others. Some other techniques require costly computational resources to be implemented. Other techniques could be c...

Fine-grained address space layout randomization has recently been proposed as a method of efficiently mitigating ROP attacks. In this paper, we introduce a design and implementation of a framework based on a runtime strategy that undermines the benefits of fine-grained ASLR. Specifically, we abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover gadgets...

We present a formal verification methodology for datapathdominated hardware. This provides a systematic but flexible framework within which to organize the activities undertaken in large-scale verification efforts and to structure the associated code and proof-script artifacts. The methodology deploys a combination of model checking and lightweight theorem proving in higher-order logic, tightly...

The reuse of algorithms and hardware developed for searches of large molecular biologic databases is examined for detecting new variants of computer attacks before they can inflict damage. New attacks are viewed as evolutions of previous attacks, with associated mutations, insertions, and deletions from either machine code or text script sequences. Similarity searches are done between previous ...