Abstract: Methods, systems, and computer readable media for preventing code reuse attacks are disclosed. According to one method, the method includes executing, on a processor, code in a memory page related to an application, wherein the memory page is protected. The method also includes detecting a read request associated with the code. The method further includes after detecting the read request, modifying, without using a hypervisor, at least one memory permission associated with the memory page such that the code is no longer executable after the code is read.

Abstract: Methods, systems, and computer readable media for detecting malicious network traffic are disclosed. According to one method, the method includes caching network traffic transmitted between a client and a server, wherein the network traffic includes a uniform resource locator (URL) for accessing at least one file from the server. The method also includes determining whether the at least one file is suspicious. The method further includes in response to determining that the at least one file is suspicious, determining whether the at least one file is malicious by replaying the network traffic using an emulated client and an emulated server.

Abstract: Methods, systems, and computer readable media for preventing code reuse attacks are disclosed. According to one method, the method includes executing, on a processor, code in a memory page related to an application, wherein the memory page is protected. The method also includes detecting a read request associated with the code. The method further includes after detecting the read request, modifying, without using a hypervisor, at least one memory permission associated with the memory page such that the code is no longer executable after the code is read.

Abstract: Methods, systems, and computer readable media for detecting malicious network traffic are disclosed. According to one method, the method includes caching network traffic transmitted between a client and a server, wherein the network traffic includes a uniform resource locator (URL) for accessing at least one file from the server. The method also includes determining whether the at least one file is suspicious. The method further includes in response to determining that the at least one file is suspicious, determining whether the at least one file is malicious by replaying the network traffic using an emulated client and an emulated server.