Adversarial machine learning
Adversarial-resilience
- JPEG Defense contains our techniques for reproducing the results in Shield.
MLSPLOIT
- AVPass is a tool for leaking the detection model of Android malware detection systems (i.e., antivirus software) and bypassing their detection logic by using the leaked information coupled with APK obfuscation techniques.
- NVMTrace is the implementation of a software controller that facilitates automated baremetal malware analysis. It uses open-source software and freely available technologies to operate one or more baremetal malware analysis clusters, each of which comprises one Linux host, eight baremetal processing nodes, and a network switch.
- Cuckoo-Headless offers all the functionality of Cuckoo without all the overhead.
- Cuckoo Monitor extends the number of API calls Cuckoo can track.
Robust security analytics
- Barnum is an offline control flow attack detection system that applies deep learning on hardware execution traces to model a program's behavior and detect control flow anomalies.
- uCFI is a CFI defense using Intel Processor Trace and dynamic points-to analysis.
- SGX-Tor is a Tor anonymity network in the SGX environment. This project was published in NSDI'17.
- SGX-Shield is a system for supporting ASLR in the SGX environment.
- T-SGX is a compiler-based tool that protects Intel SGX applications against controlled-channel attacks.