Software Engineering Institute | Carnegie Mellon University

Digital Library

Cory Cohen
October 2015 - Presentation Design Pattern Recovery from Malware Binaries

Authors: Cory Cohen

This 2015 Research Review presentation explores the challenges posed by automated binary analysis.

October 2014 - Article Discovery of C++ Data Structures from Binaries

Topics: Network Situational Awareness

Authors: Dan Quinlan (Lawrence Livermore National Laboratory), Cory Cohen

In this article, the authors present techniques to identify C++ data structures in binary executables.

October 2014 - Article Supervised Learning for Provenance-Similarity of Binaries

Topics: Malware Analysis

Authors: Sagar Chaki, Cory Cohen, Arie Gurfinkel

In this article, the authors present a notion of similarity based on provenance; two binaries are similar if they are compiled from the same source code with the same compilers.

October 2014 - Article A Scalable Search Index for Binary Files

Topics: Malware Analysis

Authors: Wesley Jin, Chuck Hines, Cory Cohen, Priya Narasimhan (Carnegie Mellon University)

In this article, the authors present a scalable architecture for searching and indexing terabyte-size collections of binary files.

October 2014 - Article Binary Function Clustering using Semantic Hashes

Topics: Malware Analysis

Authors: Wesley Jin, Sagar Chaki, Cory Cohen, Arie Gurfinkel, Jeff Havrilla, Chuck Hines, Priya Narasimhan (Carnegie Mellon University)

In this article, the authors present an alternative to pairwise comparisons based on "hashing" that captures the semantics of functions as semantic hashes.

October 2014 - Article Recovering C++ Objects From Binaries Using Inter-Procedural Data-Flow Analysis

Topics: Malware Analysis

Authors: Wesley Jin, Cory Cohen, Jeff Gennari, Chuck Hines, Sagar Chaki, Arie Gurfinkel, Jeff Havrilla, Priya Narasimhan (Carnegie Mellon University)

In this article, the authors present a static approach that uses symbolic execution and inter-procedural data flow analysis to discover object instances, data members, and methods of a common class.

August 2012 - Technical Report Results of SEI Line-Funded Exploratory New Starts Projects

Authors: Len Bass, Rick Kazman, Edwin J. Morris, Brad Myers, William Nichols, Robert Nord, Ipek Ozkaya, Raghvinder Sangwan, Soumya Simanta, Ofer Strichman, Peppo Valetto, Nanette Brown, Gene Cahill, William Casey, Sagar Chaki, Cory Cohen, Dionisio de Niz, David French, Arie Gurfinkel

This report describes the line-funded exploratory new starts (LENS) projects that were undertaken during fiscal year 2011. For each project, the report presents a brief description and a recounting of the research that was done, as well as a synopsis of the results of the project.

February 1999 - Security Improvement Module Responding to Intrusions

Authors: Klaus-Peter Kossakowski, William R. Wilson, Julia H. Allen, Cecilia Albert, Cory Cohen, Gary Ford, Barbara Fraser, Eric Hayes, John Kochmar, Suresh Konda

This 1999 report is one of a series of SEI publications that are intended to provide practical guidance to help organizations improve the security of their networked computer systems. This report is intended for system and network administrators, managers of information systems, and security personnel responsible for networked information resources.

June 1998 - Security Improvement Module Preparing to Detect Signs of Intrusion

Authors: John Kochmar, Julia H. Allen, Cecilia Albert, Cory Cohen, Gary Ford, Barbara Fraser, Suresh Konda, Klaus-Peter Kossakowski, Derek Simmel

The practices contained in this 1998 report identify advance preparations you must make to enable you to obtain evidence of an intrusion or an intrusion attempt.