Dawn Song

Researcher at University of California, Berkeley

Publications -  504
Citations -  75245

Dawn Song is an academic researcher from University of California, Berkeley. The author has contributed to research in topics: Computer science & Deep learning. The author has an h-index of 117, co-authored 460 publications receiving 61572 citations. Previous affiliations of Dawn Song include FireEye, Inc. & University of California.

Papers
Proceedings Article

A System for Efficiently Hunting for Cyber Threats in Computer Systems Using Threat Intelligence

TL;DR: This article presents ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using open-source Cyber Threat Intelligence (OSCTI). It provides an unsupervised, lightweight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text; a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities; and an efficient query execution engine to search the big system audit logging data.
Book Chapter

Code-pointer integrity: Code-Reuse Attacks and Defenses

TL;DR: Carlini et al., as discussed by the authors, proposed code-pointer integrity (CPI), a new design point that guarantees the integrity of all code pointers in a program and thereby prevents all control-flow hijack attacks that exploit memory corruption errors.
Patent

Framework for efficient security coverage of mobile software applications that is usable to harden in the field code

TL;DR: In this paper, the authors describe a method that includes receiving an application and creating a representation of the application that describes states and state transitions, and then using the description and the representation to determine actions to be added to the application and locations within the application where the actions are to be performed.

Black Box Anomaly Detection: Is It Utopian?

TL;DR: A framework for anomaly detection that allows the construction of a black box anomaly detector that can be used for automatically finding anomalies with minimal human intervention is introduced.
Proceedings Article

Sanctorum: A lightweight security monitor for secure enclaves

TL;DR: Sanctorum, as mentioned in this paper, is a small trusted code base (TCB) consisting of a generic enclave-capable system, which is sufficient to implement secure enclaves akin to the primitive offered by Intel's SGX.