A
Adrian Tang
Researcher at Columbia University
Publications - 17
Citations - 1385
Adrian Tang is an academic researcher from Columbia University. The author has contributed to research in topics: Malware & Energy management. The author has an hindex of 11, co-authored 17 publications receiving 1147 citations. Previous affiliations of Adrian Tang include Carnegie Mellon University.
Papers
More filters
Proceedings ArticleDOI
On the feasibility of online malware detection with performance counters
John Demme,Matthew H. Maycock,Jared Schmitz,Adrian Tang,Adam Waksman,Simha Sethumadhavan,Salvatore J. Stolfo +6 more
TL;DR: This paper examines the feasibility of building a malware detector in hardware using existing performance counters and finds that data from performance counters can be used to identify malware and that the detection techniques are robust to minor variations in malware programs.
Posted Content
Unsupervised Anomaly-based Malware Detection using Hardware Features
TL;DR: This work uses unsupervised machine learning to build profiles of normal program execution based on data from performance counters, and uses these profiles to detect significant deviations in program behavior that occur as a result of malware exploitation.
CLKscrew: Exposing the Perils of Security-Oblivious Energy Management, Usenix 2018 (Distinguished Paper Award)
TL;DR: This work presents the CLKSCREW attack, a new class of fault attacks that exploit the securityobliviousness of energy management mechanisms to break security and urges the community to re-examine these security-oblivious designs.
Proceedings Article
{CLKSCREW}: Exposing the Perils of Security-Oblivious Energy Management
TL;DR: In this paper, the authors present the CLKSCREW attack, a new class of fault attacks that exploit the security obliviousness of energy management mechanisms to break security and demonstrate that a malicious kernel driver can extract secret cryptographic keys from Trustzone, and escalate its privileges by loading self-signed code into Trustzone.
Proceedings ArticleDOI
Heisenbyte: Thwarting Memory Disclosure Attacks using Destructive Code Reads
TL;DR: Heisenbyte's novel use of destructive code reads sidesteps the problem of incomplete binary disassembly in binaries, and extends protection to close-sourced COTS binaries, which are two major limitations of prior solutions against memory disclosure vulnerabilities.