Elevator is a novel, deterministic binary translator that statically translates entire x86-64 executables to AArch64 by considering all possible interpretations of every byte, eliminating the need for…

SCRIBE is a novel framework that enables reliable source-level patching of binaries by performing 'binary-aware' recompilation, successfully resolving syntactic and semantic inaccuracies inherent in d…

The paper introduces DEBENCH, a novel framework that evaluates binary decompilers based on three orthogonal dimensions—readability, recompilability, and functionality—revealing that functional recover…

The paper introduces Heimdall, an automated pipeline that uses LLMs and formal verification to safely and automatically migrate legacy, potentially buggy eBPF programs written in C to memory-safe Rust…

The paper introduces a novel memory forensics framework to perform runtime analysis of Go malware, successfully recovering critical execution state and artifacts that are invisible to traditional stat…

This paper analyzes various source-to-bytecode obfuscation techniques for Erlang, demonstrating that effective protection relies on exploiting the representational gaps between high-level semantics an…

SAILOR automates the construction of symbolic execution harnesses by combining static analysis and LLM-based synthesis, significantly improving the scalability and effectiveness of vulnerability disco…

The paper introduces Decaf, a system that uses automatic feedback and search to significantly improve the semantic correctness and accuracy of neural decompilers, boosting the decompilation rate from…

The paper proposes a general, compiler-integrated framework for secure content composition that minimizes the syntactic difference between secure and insecure coding practices.

The paper introduces codebadger, a Model Context Protocol (MCP) server that integrates Joern's Code Property Graph (CPG) with LLMs, enabling large language models to perform large-scale, semantic prog…

The paper introduces PeAR, a static binary rewriting framework that proves static binary instrumentation (SBI) is a practical and effective alternative to dynamic binary instrumentation (DBI) for high…

PRISM is a novel, precise object-bounds protection scheme that significantly reduces runtime overhead by encoding the object's end address directly into the pointer tag, thereby eliminating costly met…

The paper proposes CoDe-R, a two-stage framework that significantly improves the accuracy and re-executability of decompiled code generated by LLMs, achieving a new SOTA in the lightweight regime.

PUSHAN is a novel, trace-free technique that successfully deobfuscates virtualization-obfuscated binaries, providing complete Control Flow Graphs (CFGs) and high-quality C pseudocode for effective ana…

The paper introduces a novel multi-LLM orchestration system combined with symbolic execution to successfully detect memory vulnerabilities in uncompilable, incomplete Rust CVE code snippets, achieving…

The paper proposes a tamper-proofing model for self-modifying code (SMC) by leveraging external timing, concurrency, and microarchitectural state to make non-SMC reproduction detectably expensive.

Filament is a novel, compiler-agnostic static information-flow control (IFC) library for Rust that enables fine-grained, Denning-style tracking of both explicit and implicit data flows with minimal pr…

The paper proposes a novel loader-centric verification framework that cryptographically enforces the authenticity of shared objects resolved by the dynamic linker, effectively preventing shared librar…

The paper proposes a novel symbolic execution technique that combines speculative library preloading and custom software hooks to recover Control Flow Graphs (CFGs) from binaries that use dynamic code…

This study formally verified 3,500 AI-generated code artifacts and found that a majority (55.8%) contain exploitable security vulnerabilities, regardless of the LLM used.