default search action
Nick Nikiforakis
Person information
Refine list
refinements active!
zoomed in on ?? of ?? records
view refined list in
export refined list as
showing all ?? records
2020 – today
- 2025
- [e2]Nicky Mouha, Nick Nikiforakis:
Information Security - 27th International Conference, ISC 2024, Arlington, VA, USA, October 23-25, 2024, Proceedings, Part I. Lecture Notes in Computer Science 15257, Springer 2025, ISBN 978-3-031-75756-3 [contents] - [e1]Nicky Mouha, Nick Nikiforakis:
Information Security - 27th International Conference, ISC 2024, Arlington, VA, USA, October 23-25, 2024, Proceedings, Part II. Lecture Notes in Computer Science 15258, Springer 2025, ISBN 978-3-031-75763-1 [contents] - 2024
- [c90]Billy Tsouvalas, Nick Nikiforakis:
Knocking on Admin's Door: Protecting Critical Web Applications with Deception. DIMVA 2024: 283-306 - [c89]Muhammad Muzammil, Zhengyu Wu, Aruna Balasubramanian, Nick Nikiforakis:
Panning for gold.eth: Understanding and Analyzing ENS Domain Dropcatching. IMC 2024: 731-738 - [c88]Xigao Li, Amir Rahmati, Nick Nikiforakis:
Like, Comment, Get Scammed: Characterizing Comment Scams on Media Platforms. NDSS 2024 - [c87]Zhengyu Wu, Brian Kondracki, Nick Nikiforakis, Aruna Balasubramanian:
Secrets are Forever: Characterizing Sensitive File Leaks on IPFS. IFIP Networking 2024: 522-528 - [c86]Chris Tsoukaladelis, Nick Nikiforakis:
Manufactured Narratives: On the Potential of Manipulating Social Media to Politicize World Events. SP (Workshops) 2024: 17-27 - [c85]Chris Tsoukaladelis, Brian Kondracki, Niranjan Balasubramanian, Nick Nikiforakis:
The Times They Are A-Changin': Characterizing Post-Publication Changes to Online News. SP 2024: 1573-1589 - [c84]Brian Kondracki, Nick Nikiforakis:
Smudged Fingerprints: Characterizing and Improving the Performance of Web Application Fingerprinting. USENIX Security Symposium 2024 - [i10]Muhammad Muzammil, Zhengyu Wu, Lalith Harisha, Brian Kondracki, Nick Nikiforakis:
Typosquatting 3.0: Characterizing Squatting in Blockchain Naming Systems. CoRR abs/2411.00352 (2024) - 2023
- [c83]Babak Amin Azad, Nick Nikiforakis:
Role Models: Role-based Debloating for Web Applications. CODASPY 2023: 251-262 - [c82]Mir Masood Ali, Binoy Chitale, Mohammad Ghasemisharif, Chris Kanich, Nick Nikiforakis, Jason Polakis:
Navigating Murky Waters: Automated Browser Feature Testing for Uncovering Tracking Vectors. NDSS 2023 - [c81]Xigao Li, Anurag Yepuri, Nick Nikiforakis:
Double and Nothing: Understanding and Detecting Cryptocurrency Giveaway Scams. NDSS 2023 - [c80]Rasoul Jahanshahi, Babak Amin Azad, Nick Nikiforakis, Manuel Egele:
Minimalist: Semi-automated Debloating of PHP Web Applications through Static Analysis. USENIX Security Symposium 2023: 5557-5573 - [c79]Babak Amin Azad, Rasoul Jahanshahi, Chris Tsoukaladelis, Manuel Egele, Nick Nikiforakis:
AnimateDead: Debloating Web Applications Using Concolic Execution. USENIX Security Symposium 2023: 5575-5591 - [c78]Xigao Li, Babak Amin Azad, Amir Rahmati, Nick Nikiforakis:
Scan Me If You Can: Understanding and Detecting Unwanted Vulnerability Scanning. WWW 2023: 2284-2294 - [c77]Johnny So, Michael Ferdman, Nick Nikiforakis:
The More Things Change, the More They Stay the Same: Integrity of Modern JavaScript. WWW 2023: 2295-2305 - 2022
- [j5]Fabio Massacci, Nick Nikiforakis, Ivan Pashchenko, Antonino Sabetta, Victoria Wang:
Introduction to the Special Issue on Vulnerabilities. DTRAP 3(4): 37:1 (2022) - [c76]Konstantinos Solomos, Panagiotis Ilia, Nick Nikiforakis, Jason Polakis:
Escaping the Confines of Time: Continuous Browser Extension Fingerprinting Through Ephemeral Modifications. CCS 2022: 2675-2688 - [c75]Brian Kondracki, Babak Amin Azad, Najmeh Miramirkhani, Nick Nikiforakis:
The Droid is in the Details: Environment-aware Evasion of Android Sandboxes. NDSS 2022 - [c74]Johnny So, Najmeh Miramirkhani, Michael Ferdman, Nick Nikiforakis:
Domains Do Change Their Spots: Quantifying Potential Abuse of Residual Trust. SP 2022: 2130-2144 - [c73]Brian Kondracki, Johnny So, Nick Nikiforakis:
Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots. USENIX Security Symposium 2022: 53-70 - [c72]Konstantinos Solomos, Panagiotis Ilia, Soroush Karami, Nick Nikiforakis, Jason Polakis:
The Dangers of Human Touch: Fingerprinting Browser Extensions through User Actions. USENIX Security Symposium 2022: 717-733 - [c71]Xingzhi Guo, Brian Kondracki, Nick Nikiforakis, Steven Skiena:
Verba Volant, Scripta Volant: Understanding Post-publication Title Changes in News Outlets. WWW 2022: 588-598 - 2021
- [c70]Timothy Barron, Johnny So, Nick Nikiforakis:
Click This, Not That: Extending Web Authentication with Deception. AsiaCCS 2021: 462-474 - [c69]Brian Kondracki, Babak Amin Azad, Oleksii Starov, Nick Nikiforakis:
Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits. CCS 2021: 36-50 - [c68]Beliz Kaleli, Brian Kondracki, Manuel Egele, Nick Nikiforakis, Gianluca Stringhini:
To Err.Is Human: Characterizing the Threat of Unintended URLs in Social Media. NDSS 2021 - [c67]Xigao Li, Babak Amin Azad, Amir Rahmati, Nick Nikiforakis:
Good Bot, Bad Bot: Characterizing Automated Browsing Activity. SP 2021: 1589-1605 - [c66]Pierre Laperdrix, Oleksii Starov, Quan Chen, Alexandros Kapravelos, Nick Nikiforakis:
Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets. USENIX Security Symposium 2021: 2507-2524 - [c65]Janos Szurdi, Meng Luo, Brian Kondracki, Nick Nikiforakis, Nicolas Christin:
Where are you taking me?Understanding Abusive Traffic Distribution Systems. WWW 2021: 3613-3624 - 2020
- [c64]Nikolaos Pantelaios, Nick Nikiforakis, Alexandros Kapravelos:
You've Changed: Detecting Malicious Browser Extensions through their Update Deltas. CCS 2020: 477-491 - [c63]Babak Amin Azad, Oleksii Starov, Pierre Laperdrix, Nick Nikiforakis:
Web Runner 2049: Evaluating Third-Party Anti-bot Services. DIMVA 2020: 135-159 - [c62]Babak Amin Azad, Oleksii Starov, Pierre Laperdrix, Nick Nikiforakis:
Short Paper - Taming the Shape Shifter: Detecting Anti-fingerprinting Browsers. DIMVA 2020: 160-170 - [c61]Sebastian Roth, Timothy Barron, Stefano Calzavara, Nick Nikiforakis, Ben Stock:
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies. NDSS 2020 - [c60]Brian Kondracki, Assel Aliyeva, Manuel Egele, Jason Polakis, Nick Nikiforakis:
Meddling Middlemen: Empirical Analysis of the Risks of Data-Saving Mobile Browsers. SP 2020: 810-824 - [c59]Javad Nejati, Meng Luo, Nick Nikiforakis, Aruna Balasubramanian:
Need for Mobile Speed: A Historical Study of Mobile Web Performance. TMA 2020
2010 – 2019
- 2019
- [c58]Tom van Goethem, Najmeh Miramirkhani, Wouter Joosen, Nick Nikiforakis:
Purchased Fame: Exploring the Ecosystem of Private Blog Networks. AsiaCCS 2019: 366-378 - [c57]Pierre Laperdrix, Gildas Avoine, Benoit Baudry, Nick Nikiforakis:
Morellian Analysis for Browsers: Making Web Authentication Stronger with Canvas Fingerprinting. DIMVA 2019: 43-66 - [c56]Meng Luo, Pierre Laperdrix, Nima Honarmand, Nick Nikiforakis:
Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers. NDSS 2019 - [c55]Timothy Barron, Najmeh Miramirkhani, Nick Nikiforakis:
Now You See It, Now You Don't: A Large-scale Analysis of Early Domain Deletions. RAID 2019: 383-397 - [c54]Erik Trickel, Oleksii Starov, Alexandros Kapravelos, Nick Nikiforakis, Adam Doupé:
Everyone is Different: Client-side Diversification for Defending Against Extension Fingerprinting. USENIX Security Symposium 2019: 1679-1696 - [c53]Babak Amin Azad, Pierre Laperdrix, Nick Nikiforakis:
Less is More: Quantifying the Security Benefits of Debloating Web Applications. USENIX Security Symposium 2019: 1697-1714 - [c52]Oleksii Starov, Pierre Laperdrix, Alexandros Kapravelos, Nick Nikiforakis:
Unnecessarily Identifiable: Quantifying the fingerprintability of browser extensions due to bloat. WWW 2019: 3244-3250 - 2018
- [c51]Oleksii Starov, Nick Nikiforakis:
PrivacyMeter: Designing and Developing a Privacy-Preserving Browser Extension. ESSoS 2018: 77-95 - [c50]Oleksii Starov, Yuchen Zhou, Xiao Zhang, Najmeh Miramirkhani, Nick Nikiforakis:
Betrayed by Your Dashboard: Discovering Malicious Campaigns via Web Analytics. WWW 2018: 227-236 - [c49]Najmeh Miramirkhani, Timothy Barron, Michael Ferdman, Nick Nikiforakis:
Panning for gold.com: Understanding the Dynamics of Domain Dropcatching. WWW 2018: 257-266 - [c48]Bharat Srinivasan, Athanasios Kountouras, Najmeh Miramirkhani, Monjur Alam, Nick Nikiforakis, Manos Antonakakis, Mustaque Ahamad:
Exposing Search and Advertisement Abuse Tactics and Infrastructure of Technical Support Scammers. WWW 2018: 319-328 - [i9]Martin Johns, Nick Nikiforakis, Melanie Volkamer, John Wilander:
Web Application Security (Dagstuhl Seminar 18321). Dagstuhl Reports 8(8): 1-17 (2018) - 2017
- [c47]Timothy Barron, Nick Nikiforakis:
Picky Attackers: Quantifying the Role of System Properties on Intruder Behavior. ACSAC 2017: 387-398 - [c46]Meng Luo, Oleksii Starov, Nima Honarmand, Nick Nikiforakis:
Hindsight: Understanding the Evolution of UI Vulnerabilities in Mobile Browsers. CCS 2017: 149-162 - [c45]Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis:
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. CCS 2017: 569-586 - [c44]Thomas Vissers, Timothy Barron, Tom van Goethem, Wouter Joosen, Nick Nikiforakis:
The Wolf of Name Street: Hijacking Domains Through Their Nameservers. CCS 2017: 957-970 - [c43]Georg Merzdovnik, Markus Huber, Damjan Buhov, Nick Nikiforakis, Sebastian Neuner, Martin Schmiedecker, Edgar R. Weippl:
Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools. EuroS&P 2017: 319-333 - [c42]Najmeh Miramirkhani, Oleksii Starov, Nick Nikiforakis:
Dial One for Scam: A Large-Scale Analysis of Technical Support Scams. NDSS 2017 - [c41]Oleksii Starov, Nick Nikiforakis:
XHOUND: Quantifying the Fingerprintability of Browser Extensions. IEEE Symposium on Security and Privacy 2017: 941-956 - [c40]Najmeh Miramirkhani, Mahathi Priya Appini, Nick Nikiforakis, Michalis Polychronakis:
Spotless Sandboxes: Evading Malware Analysis Systems Using Wear-and-Tear Artifacts. IEEE Symposium on Security and Privacy 2017: 1009-1024 - [c39]Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, Gianluca Stringhini:
What's in a Name?: Understanding Profile Name Reuse on Twitter. WWW 2017: 1161-1170 - [c38]Oleksii Starov, Nick Nikiforakis:
Extended Tracking Powers: Measuring the Privacy Diffusion Enabled by Browser Extensions. WWW 2017: 1481-1490 - [i8]Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, Gianluca Stringhini:
What's in a Name? Understanding Profile Name Reuse on Twitter. CoRR abs/1702.04256 (2017) - [i7]Panagiotis Kintis, Najmeh Miramirkhani, Charles Lever, Yizheng Chen, Rosa Romero Gómez, Nikolaos Pitropakis, Nick Nikiforakis, Manos Antonakakis:
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse. CoRR abs/1708.08519 (2017) - [i6]Bharat Srinivasan, Athanasios Kountouras, Najmeh Miramirkhani, Monjur Alam, Nick Nikiforakis, Manos Antonakakis, Mustaque Ahamad:
By Hook or by Crook: Exposing the Diverse Abuse Tactics of Technical Support Scammers. CoRR abs/1709.08331 (2017) - [i5]Nataliia Bielova, Nikolaos Laoutaris, Arvind Narayanan, Nick Nikiforakis:
Online Privacy and Web Transparency (Dagstuhl Seminar 17162). Dagstuhl Reports 7(4): 83-106 (2017) - 2016
- [j4]Oleksii Starov, Phillipa Gill, Nick Nikiforakis:
Are You Sure You Want to Contact Us? Quantifying the Leakage of PII via Website Contact Forms. Proc. Priv. Enhancing Technol. 2016(1): 20-33 (2016) - [c37]Enrico Mariconti, Jeremiah Onaolapo, Syed Sharique Ahmad, Nicolas Nikiforou, Manuel Egele, Nick Nikiforakis, Gianluca Stringhini:
Why allowing profile name reuse is a bad idea. EUROSEC 2016: 3:1-3:6 - [c36]M. Zubair Rafique, Tom van Goethem, Wouter Joosen, Christophe Huygens, Nick Nikiforakis:
It's Free for a Reason: Exploring the Ecosystem of Free Live Streaming Services. NDSS 2016 - [c35]Oleksii Starov, Johannes Dahse, Syed Sharique Ahmad, Thorsten Holz, Nick Nikiforakis:
No Honor Among Thieves: A Large-Scale Analysis of Malicious Web Shells. WWW 2016: 1021-1032 - [i4]Najmeh Miramirkhani, Oleksii Starov, Nick Nikiforakis:
Dial One for Scam: Analyzing and Detecting Technical Support Scams. CoRR abs/1607.06891 (2016) - 2015
- [j3]Philippe De Ryck, Nick Nikiforakis, Lieven Desmet, Frank Piessens, Wouter Joosen:
Protected Web Components: Hiding Sensitive Information in the Shadows. IT Prof. 17(1): 36-43 (2015) - [c34]Shuang Hao, Kevin Borgolte, Nick Nikiforakis, Gianluca Stringhini, Manuel Egele, Michael Eubanks, Brian Krebs, Giovanni Vigna:
Drops for Stuff: An Analysis of Reshipping Mule Scams. CCS 2015: 1081-1092 - [c33]Tom van Goethem, Wouter Joosen, Nick Nikiforakis:
The Clock is Still Ticking: Timing Attacks in the Modern Web. CCS 2015: 1382-1393 - [c32]Thomas Vissers, Tom van Goethem, Wouter Joosen, Nick Nikiforakis:
Maneuvering Around Clouds: Bypassing Cloud-based Security Providers. CCS 2015: 1530-1541 - [c31]Pieter Agten, Wouter Joosen, Frank Piessens, Nick Nikiforakis:
Seven Months' Worth of Mistakes: A Longitudinal Study of Typosquatting Abuse. NDSS 2015 - [c30]Thomas Vissers, Wouter Joosen, Nick Nikiforakis:
Parking Sensors: Analyzing and Detecting Parked Domains. NDSS 2015 - [c29]Nick Nikiforakis, Wouter Joosen, Benjamin Livshits:
PriVaricator: Deceiving Fingerprinters with Little White Lies. WWW 2015: 820-830 - 2014
- [j2]Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna:
On the Workings and Current Practices of Web-Based Device Fingerprinting. IEEE Secur. Priv. 12(3): 28-36 (2014) - [j1]Willem De Groef, Dominique Devriese, Nick Nikiforakis, Frank Piessens:
Secure multi-execution of web scripts: Theory and practice. J. Comput. Secur. 22(4): 469-509 (2014) - [c28]Steven Van Acker, Nick Nikiforakis, Lieven Desmet, Frank Piessens, Wouter Joosen:
Monkey-in-the-browser: malware and vulnerabilities in augmented browsing script markets. AsiaCCS 2014: 525-530 - [c27]Tom van Goethem, Frank Piessens, Wouter Joosen, Nick Nikiforakis:
Clubbing Seals: Exploring the Ecosystem of Third-party Security Seals. CCS 2014: 918-929 - [c26]Nick Nikiforakis, Marco Balduzzi, Lieven Desmet, Frank Piessens, Wouter Joosen:
Soundsquatting: Uncovering the Use of Homophones in Domain Squatting. ISC 2014: 291-308 - [c25]Ping Chen, Nick Nikiforakis, Lieven Desmet, Christophe Huygens:
Security Analysis of the Chinese Web: How well is it protected? SafeConfig 2014: 3-9 - [c24]Tom van Goethem, Ping Chen, Nick Nikiforakis, Lieven Desmet, Wouter Joosen:
Large-Scale Security Analysis of the Web: Challenges and Findings. TRUST 2014: 110-126 - [c23]Nick Nikiforakis, Federico Maggi, Gianluca Stringhini, M. Zubair Rafique, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna, Stefano Zanero:
Stranger danger: exploring the ecosystem of ad-based URL shortening services. WWW 2014: 51-62 - [i3]Francesco Gadaleta, Nick Nikiforakis, Jan Tobias Mühlberg, Wouter Joosen:
HyperForce: Hypervisor-enForced Execution of Security-Critical Code. CoRR abs/1405.5648 (2014) - [i2]Francesco Gadaleta, Nick Nikiforakis, Yves Younan, Wouter Joosen:
Hello rootKitty: A lightweight invariance-enforcing framework. CoRR abs/1405.5651 (2014) - [i1]Francesco Gadaleta, Raoul Strackx, Nick Nikiforakis, Frank Piessens, Wouter Joosen:
On the effectiveness of virtualization-based security. CoRR abs/1405.6058 (2014) - 2013
- [c22]Philippe De Ryck, Nick Nikiforakis, Lieven Desmet, Wouter Joosen:
TabShots: client-side detection of tabnabbing attacks. AsiaCCS 2013: 447-456 - [c21]Gunes Acar, Marc Juarez, Nick Nikiforakis, Claudia Díaz, Seda F. Gürses, Frank Piessens, Bart Preneel:
FPDetective: dusting the web for fingerprinters. CCS 2013: 1129-1140 - [c20]Nick Nikiforakis, Frank Piessens, Wouter Joosen:
HeapSentry: Kernel-Assisted Protection against Heap Overflows. DIMVA 2013: 177-196 - [c19]Ping Chen, Nick Nikiforakis, Christophe Huygens, Lieven Desmet:
A Dangerous Mix: Large-Scale Analysis of Mixed-Content Websites. ISC 2013: 354-363 - [c18]Nick Nikiforakis, Alexandros Kapravelos, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna:
Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting. IEEE Symposium on Security and Privacy 2013: 541-555 - [c17]Nick Nikiforakis, Steven Van Acker, Wannes Meert, Lieven Desmet, Frank Piessens, Wouter Joosen:
Bitsquatting: exploiting bit-flips for fun, or profit? WWW 2013: 989-998 - 2012
- [c16]Steven Van Acker, Nick Nikiforakis, Lieven Desmet, Wouter Joosen, Frank Piessens:
FlashOver: automated discovery of cross-site scripting vulnerabilities in rich internet applications. AsiaCCS 2012: 12-13 - [c15]Nick Nikiforakis, Luca Invernizzi, Alexandros Kapravelos, Steven Van Acker, Wouter Joosen, Christopher Kruegel, Frank Piessens, Giovanni Vigna:
You are what you include: large-scale evaluation of remote javascript inclusions. CCS 2012: 736-747 - [c14]Willem De Groef, Dominique Devriese, Nick Nikiforakis, Frank Piessens:
FlowFox: a web browser with flexible and precise information flow control. CCS 2012: 748-759 - [c13]Philippe De Ryck, Nick Nikiforakis, Lieven Desmet, Frank Piessens, Wouter Joosen:
Serene: Self-Reliant Client-Side Protection against Session Fixation. DAIS 2012: 59-72 - [c12]Job Noorman, Nick Nikiforakis, Frank Piessens:
There Is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication. NordSec 2012: 105-120 - [c11]Nick Nikiforakis, Steven Van Acker, Frank Piessens, Wouter Joosen:
Exploring the Ecosystem of Referrer-Anonymizing Services. Privacy Enhancing Technologies 2012: 259-278 - [c10]Sebastian Lekies, Nick Nikiforakis, Walter Tighzert, Frank Piessens, Martin Johns:
DEMACRO: Defense against Malicious Cross-Domain Requests. RAID 2012: 254-273 - [c9]Francesco Gadaleta, Nick Nikiforakis, Jan Tobias Mühlberg, Wouter Joosen:
HyperForce: Hypervisor-enForced Execution of Security-Critical Code. SEC 2012: 126-137 - [c8]Pieter Agten, Nick Nikiforakis, Raoul Strackx, Willem De Groef, Frank Piessens:
Recent Developments in Low-Level Software Security. WISTP 2012: 1-16 - 2011
- [c7]John Wilander, Nick Nikiforakis, Yves Younan, Mariam Kamkar, Wouter Joosen:
RIPE: runtime intrusion prevention evaluator. ACSAC 2011: 41-50 - [c6]Nick Nikiforakis, Wannes Meert, Yves Younan, Martin Johns, Wouter Joosen:
SessionShield: Lightweight Protection against Session Hijacking. ESSoS 2011: 87-100 - [c5]Nick Nikiforakis, Wouter Joosen, Martin Johns:
Abusing locality in shared web hosting. EUROSEC 2011: 2 - [c4]Francesco Gadaleta, Nick Nikiforakis, Yves Younan, Wouter Joosen:
Hello rootKitty: A Lightweight Invariance-Enforcing Framework. ISC 2011: 213-228 - [c3]Nick Nikiforakis, Marco Balduzzi, Steven Van Acker, Wouter Joosen, Davide Balzarotti:
Exposing the Lack of Privacy in File Hosting Services. LEET 2011 - 2010
- [c2]Nick Nikiforakis, Yves Younan, Wouter Joosen:
HProxy: Client-Side Detection of SSL Stripping Attacks. DIMVA 2010: 200-218 - [c1]Steven Van Acker, Nick Nikiforakis, Pieter Philippaerts, Yves Younan, Frank Piessens:
ValueGuard: Protection of Native Applications against Data-Only Buffer Overflows. ICISS 2010: 156-170