Memory corruption vulnerabilities are still a severe threat for software systems. To thwart the exploitation of such vulnerabilities, many different kinds of defenses have been proposed in the past. Most prominently, Control-Flow Integrity (CFI) has received a lot of attention recently. Several proposals were published that apply coarse-grained policies with a low performance overhead. However,...

Current low-level exploits often rely on code-reuse, whereby short sections of code (gadgets) are chained together into a coherent exploit that can be executed without the need to inject any code. Several protection mechanisms attempt to eliminate this attack vector by applying code transformations to reduce the number of available gadgets. Nevertheless, it has emerged that the residual gadgets...

Code obfuscation and software watermarking are well known techniques designed to prevent the illegal reuse of software. Code obfuscation prevents malicious reverse engineering, while software watermarking protects code from piracy. An interesting class of algorithms for code obfuscation and software watermarking relies on the insertion of opaque predicates. It turns out that attackers based on ...

Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...

Code reuse is an important part of software development. The adoption code practices especially common among Node.js developers. package manager, NPM, indexes over 1 Million packages and developers often seek out to solve programming tasks. Due the vast number packages, selecting right difficult time consuming. With goal improving productivity that heavily through third-party we present <italic...

Code repositories on the Internet provide a tremendous amount of freely available open source code that can be reused for building new software. It has been argued that only software reuse can bring the gain of productivity in software construction demanded by the market. However, knowledge about the extent of reuse in software projects is only sparse. To remedy this, we report on an empirical ...

Code clone analysis is valuable because it can reveal reuse behaviours efficiently from software repositories. Recently, some code reuse analyses using clone genealogies and code clones over multiple projects were conducted. However, most of the conventional analyses do not consider the developers’ individual difference to reuse behaviors. In this paper, we propose a method for code reuse analy...

embedded systems are becoming a suggestive target for code injection attacks in recent years. software protection mechanisms in general computers are not usually applicable in embedded systems as they come with limited resources like memory and processor. in this paper we investigate side channel characteristics of embedded systems and their usability in code injection attack detection. the arc...

In the software industry and OSS projects, it is said that source code reuse could improve productivity and reliability of software development, and reduce development time. On the other hand, source code reuse requires professional skills to developers. Ad-hoc reuse might introduce some maintenance problems. The source code reuse analysis for software development organizations is worthy to be ...