To accurately and efficiently detect code reuse attacks, we developed ROPStop. We define conformant program execution as a set of requirements on program states; we demonstrate that code reuse attacks violate these requirements and thus can be detected. We implemented this in ROPStop, which operates on unmodified binaries, including running programs.
, RAID 2013 (poster)]
To identify glibc library wrapper functions in stripped binaries, we developed semantic descriptors. Using a database of these descriptors, we can accurately identify library wrapper functions in stripped binaries of unknown origins (without needing to have fingerprinted the glibc library from which the binary was generated).
Lightweight Library for MRNet
I developed a lightweight backend library as part of MRNet, the Multicast Reduction Network. This new library, written in C (rather than MRNet's standard C++) and single-threaded, makes MRNet accessible to a wide range of new tools.
Sketch Recognition Studies
In 2008, I participated in the CRA-W's Distributed Mentor Program (DMP), now called the Distributed REU (DREU) Program. You can learn more about my experiences and the research I did here.
Conference and Workshop Publications
Google Scholar |
ACM Author Page |
Emily R. Jacobson, Andrew R. Bernat, William R. Williams, and Barton P.
Miller. Detecting Code Reuse Attacks with a Model of
Conformant Program Execution. International Symposium on Engineering Secure
Software and Systems (ESSoS). Munich, Germany, February, 2014.
talk slides (pptx)]
Emily R. Jacobson, Nathan Rosenblum, and Barton P. Miller. Labeling
Library Functions in Stripped Binaries. Workshop on Program Analysis for Software Tools and Engineering
(PASTE). Szeged, Hungary, September, 2011.
[paper, talk slides (pptx), talk slides (pdf)]
Emily R. Jacobson, Michael J. Brim, and Barton P. Miller. A Lightweight
Library for Building Scalable Tools. PARA '10: The State of
the Art in Scientific and Parallel Computing. Reykjavik, Iceland, June,
[paper, talk slides (pdf)]
Brandon L. Kaster, Emily R. Jacobson, Water Moreira, Brandon Paulson, and Tracy A. Hammond. SOUSA v2.0: Automatically Generating Secure and Searchable Data Collection Studies. International Workshop on Visual Languages and Computing (VLC). Redwood City, CA, September, 2009.
Emily R. Jacobson, Andrew R. Bernat, William R. Williams, and Barton P. Miller. Poster Abstract: Detecting Code Reuse Attacks with a Model of Conformant Program Execution. Research in Attacks, Intrusions and Defenses (RAID) Symposium. St. Lucia, October, 2013. [extended abstract]
Emily Jacobson and Brandon Kaster. SOUSA: The Sketch-based Online User Study Application. Poster Presentation at the Texas A&M University Undergraduate Summer Research Grant Poster Sessions. College Station, TX, August, 2008.
Ted Cooper and Emily Jacobson. Efficient Pixel Manipulation in the GIMP. Midstates Consortium Undergraduate Research Symposium in the Physical Sciences, Mathematics, and Computer Sciences. Chicago, IL, October, 2007.
Emily Gember-Jacobson. The Evolution of Dyninst in Support of Cyber Security.
Dyninst/MRNet Users' Meeting. Madison, WI, August, 2014.
Emily Jacobson. Detecting Code Reuse Attacks Using Dyninst Components.
Paradyn/HTCondor Week 2013. Madison, WI, April, 2013.
Emily Jacobson. unstrip: Restoring Function Information to Stripped Binaries Using Dyninst.
Paradyn/Condor Week 2011. Madison, WI, May, 2011.
Emily Jacobson. SOUSA: The Sketch-based Online User Study Application.
Presentation at the Midwest Consortium Undergraduate Research Symposium in the Physical Sciences,
Mathematics, and Computer Sciences. St. Louis, MO, October, 2008.
unstrip is a library fingerprinting tool for stripped binaries, available here.