conclusion

We proposed STILL, a novel static taint and initialization analysis approach, to protect web servers from binary code-injection attacks. Our experiments show that STILL detect self-modifying code or indirect jumps with a high accuracy.

Acknowledgments This research was supported by the National Science Foundation (CAREER NSF-0643906).