We consider the problem of detecting exploits based on returnoriented programming. In contrast to previous works we investigate to which extent we can detect ROP payloads by only analysing streaming data, i.e., we do not assume any modifications to the target machine, its kernel or its libraries. Neither do we attempt to execute any potentially malicious code in order to determine if it is an a...

Memory deduplication merges same-content memory pages and reduces the consumption of physical memory. It is a desirable feature for virtual machines on IaaS (Infrastructure as a Service) type cloud computing, because IaaS hosts many guest OSes which are expected to include many identical memory pages. However, some security capabilities of the guest OS modify memory contents for each execution ...

one copy of any article(s) in SHURA to facilitate their private study or for non-commercial research. You may not engage in further distribution of the material or use it for any profit-making activities or any commercial gain. Abstract: Writable XOR eXecutable (W ○ + X) and Address Space Layout Randomisation (ASLR), have elevated the understanding necessary to perpetrate buffer overflow exploi...

User space memory randomization techniques are an emerging field of cyber defensive technology which attempts to protect computing systems by randomizing the layout of memory. Quantitative metrics are needed to evaluate their effectiveness at securing systems against modern adversaries and to compare between randomization technologies. We introduce Effective Entropy, a measure of entropy in use...

background: the comparison between voluntary and automatic contraction of deep abdominal muscles in patients with nonspecific low back pain (nlbp) may justify being the best treat for them. the aim of this case-controlled study was to compare changes in the thickness of the transverses abdomin is (tra) and internal oblique (io) muscles during the abdominal drawing-in maneuver (adim) and the act...

This PhD thesis investigates the image sequence labeling problems optical character recognition (OCR), object tracking, and automatic sign language recognition (ASLR). To address these problems we investigate which concepts and ideas can be adopted from speech recognition to these problems. For each of these tasks we propose an approach that is centered around the approaches known from speech r...

Sign language is an essential tool to bridge the communication gap between normal and hearing-impaired people. However, diversity of over 7000 present-day sign languages with variability in motion position, hand shape, position body parts making automatic recognition (ASLR) a complex system. In order overcome such complexity, researchers are investigating better ways developing ASLR systems see...

The discovery of recent zero-day exploits against Microsoft Word, Adobe Flash Player and Internet Explorer demonstrate that return-oriented programming (ROP) is the most severe threat to software system security. Microsoft’s 2013 Software Vulnerability Exploitation trend report found that 73% of all vulnerabilities are exploited via ROP. The core idea of ROP is to exploit the presence of so-cal...