Huge amounts of software appear nowadays. The more the number of software increases, the more increased software vulnerabilities are. Although some automatic methods have been proposed in order to detect and remove software vulnerabilities, they still require a lot of time so they have a limitation in the real world. To solve this problem, we propose BugHunter which automatically tests a binary file compiled with a C++ compiler. It searches for unsafe API calls and automatically executes to the program block that have an unsafe API call. Also, we showed that BugHunter is more efficient than angr through experiments. As a result, BugHunter is very helpful to find a software vulnerability in a short time.

Ransomware becomes more and more threatening nowadays. In this paper, we propose CLDSafe, a novel and efficient file backup system against ransomware. It keeps shadow copies of files and provides secure restoration using cloud storage when a computer is infected by ransomware. After our system measures file similarities between a new file on the client and an old file on the server, the old file on the server is backed up securely when the new file is changed substantially. And then, only authenticated users can restore the backup files by using challenge-response mechanism. As a result, our proposed solution will be helpful in recovering systems from ransomware damage.

The secret document leakage incidents have raised awareness for the need to better security mechanisms. A leading cause of the incidents has been due to accidental disclosure through via removable storage devices. As a remedy to the issue, many organizations have been employing private cloud platform or virtual desktop infrastructure (VDI) to prevent the leakage of the secret documents. In spite of the various security benefits of cloud-based infrastructure, there are still challenges to prevent the secret document leakage incidents. In this paper, we present a novel scheme, called Doc-Trace, to provide an end-to-end traceability for the secret documents by inserting steganographic pattern into unused regions of the secret documents on private cloud and VDI platforms. We devise a computationally efficient storage scanning mechanism for providing end-to-end traceability for the storage scanning can be performed in an event-driven manner since a steganographic mark are encoded into a well-regulated offset address of the storage, which decrease the computation overhead drastically. To evaluate the feasibility of the proposed scheme, this work has been undertaken on a real cloud platform based on OpenStack.