As an active defense technique to change asymmetry in cyberattack‐defense confrontation,
moving target defense research has become one of the hot spots. In order to gain better …

In recent years, cyber-physical systems (CPS) have been to many vital areas, including
medical devices, smart cars, industrial systems, energy grid, etc. As these systems …

As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Memory corruption bugs in software written in low-level languages like C or C++ are one of
the oldest problems in computer security. The lack of safety in these languages allows …

Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …

The idea of automatic software diversity is at least two decades old. The deficiencies of
currently deployed defenses and the transition to online software distribution (the" App store" …

Unlike library code, whose instruction addresses can be randomized by address space
layout randomization (ASLR), application binary code often has static instruction addresses …

In recent years, the deployment of many application-level countermeasures against memory
errors and the increasing number of vulnerabilities discovered in the kernel has fostered a …

Shielded execution based on Intel SGX provides strong security guarantees for legacy
applications running on untrusted platforms. However, memory safety attacks such as …