Bypassing Browser Memory Protections. Setting back browser security by 10 years. Alexander Sotirov, Mark Dowd.
session papers of the first usenix workshop on large-scale exploits and emergent threats.
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications. David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.
Fingerprinting Passports. Henning Richter, Wojciech Mostowski, and Erik Poll.
0-Day Patch Exposing Vendors (In)security Performance. Stefan Frei, Bernhard Tellenbach, and Bernhard Plattner.
Cryptanalytic Attacks on Pseudorandom Number Generators. J. Kelsey, B. Schneier, D. Wagner, and C. Hall.
Analysis of the Linux Random Number Generator. Zvi Gutterman, Benny Pinkas, Tzachy Reinman.
Cryptanalysis of the Random Number Generator of the Windows Operating System. Leo Dorrendorf, Zvi Gutterman, Benny Pinkas.
Thirty Years Later: Lessons from the Multics Security Evaluation. Paul A. Karger, Roger R. Schell.