One of the most significant differences between automatic sign language recognition (ASLR) and automatic speech recognition (ASR) is due to the computer vision problems, whereas the corresponding problems in speech signal processing have been solved due to intensive research in the last 30 years. We present our approach where we start from a large vocabulary speech recognition system to profit ...

Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web browsers and PDF readers). ROP attacks require no code injection, and have already been shown to be powerful enough to bypass fine-grained memory randomization (ASLR) defenses. To counter this ingenious attack strategy, sever...

Although Format String Attacks(FSAs) are known for many years there is still a number of applications that have been found to be vulnerable to such attacks in the recent years.According to the CVE database, the number of FSA vulnerabilities is stable over the last 5 years, even as FSA vulnerabilities are assumingly easy to detect. Thus we can assume, that this type of bugs will still be present...

We propose and evaluate a new protection mechanism for indirect call and jump instructions in binaries, which we call FPGate. FPGate stops attacks targeting function pointers by limiting indirect transfers to only those targets that are legal in the original program. When deployed together with other existing lightweight protections, FPGate can provide a level of protection comparable to CFI (C...

Systems code is often written in low-level languages like C/C++, which offer many benefits but also delegate memory management to programmers. This invites memory safety bugs that attackers can exploit to divert control flow and compromise the system. Deployed defense mechanisms (e.g., ASLR, DEP) are incomplete, and stronger defense mechanisms (e.g., CFI) often have high overhead and limited gu...

As defense solutions against control-flow hijacking attacks gain wide deployment, control-oriented exploits from memory errors become difficult. As an alternative, attacks targeting non-control data do not require diverting the application’s control flow during an attack. Although it is known that such data-oriented attacks can mount significant damage, no systematic methods to automatically co...

Current systems are under constant attack from many different sources. Both local and remote attackers try to escalate their privileges to exfiltrate data or to gain arbitrary code execution. While inline defense mechanisms like DEP, ASLR, or stack canaries are important, they have a local, program centric view and miss some attacks. Intrusion Detection Systems (IDS) use runtime monitors to mea...

Current production of hearing aids meets lesser than global needs. Hearing aids and other assistive devices can be used to improve Deafness and hearing loss in people especially using sign language. However, expressing sign language is not known or understood by everyone. These possess serious drawbacks in communicating to and from the deaf. Thus, the paper is to propose a framework that will i...

So far, no countermeasure has been able to fully prevent sophisticated exploitation techniques such as return-oriented programming (ROP). Recent control-flow integrity (CFI) defenses from Google and Microsoft can be bypassed by constructing a ROP payload that adheres to the control-flow constraints or by exploiting implementation flaws to bypass the control-flow checks. Microsoft’s EMET has les...

BACKGROUND Recent studies have shown high prevalence rates for pelvic girdle pain (PGP) in pregnancy. Some risk factors for developing PGP have been suggested, but the evidence is weak. Furthermore there is almost no data on how findings from clinical examinations are related to subsequent PGP. The main purpose for this study was to study the associations between socio-demographical, psychologi...