Software Security

Software security aims to develop mechanisms to ensure the safe design and execution of software. We are primarily interested in the development of language protection mechanism using formalisms such as Hoare logic and Separation Logic. Recent advances in program logics make it possible to reason rigorously about pointers, the heap and concurrency. This enables us to offer better protection against buffer overflows, format string attacks, race conditions and code injections.

People: Sarah Al-Azzani, Rami Bahsoon, Andrew Brown, Horia Corcalciuc, Olufunmilola Onolaja, Hayo Thielecke.

Publications

3 publications:

[BrownRyan2008] Andrew Brown and Mark Ryan. Synthesising Monitors from High-level Policies for the Safe Execution of Untrusted Software. In Fourth Information Security Practice and Experience Conference (ISPEC 2008), Springer. 2008.
[BrownRyan2008MobileDevices] Andrew Brown and Mark Ryan. Monitoring the Execution of Third-party Software on Mobile Devices (Extended Abstract). In 11th International Symposium On Recent Advances In Intrusion Detection (RAID'08), Springer. 2008.
[ICICS08] Liqun Chen and Mark Dermot Ryan and Guilin Wang. Information and Communications Security. 2008.

School of Computer Science

Software Security

Publications