Control-Flow Bending: On the Effectiveness of Control-Flow Integrity. Open access to the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX. Control-Flow …
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) …
M Zhang, R Sekar - Proceedings of the 31st Annual Computer Security …, 2015 - dl.acm.org
Despite decades of sustained effort, memory corruption attacks continue to be one of the most serious security threats faced today. They are highly sought after by attackers, as they …
J Caballero, Z Lin - ACM Computing Surveys (CSUR), 2016 - dl.acm.org
In many applications, source code and debugging symbols of a target program are not available, and the only thing that we can access is the program executable. A fundamental …
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking attacks. However, performance and compatibility issues limit its adoption. We …
The idea of automatic software diversity is at least two decades old. The deficiencies of currently deployed defenses and the transition to online software distribution (the "App store" …
H Shacham - Proceedings of the 14th ACM conference on Computer …, 2007 - dl.acm.org
We present new techniques that allow a return-into-libc attack to be mounted on x86 executables that calls no functions at all. Our attack combines a large number of short …
N Burow, X Zhang, M Payer - 2019 IEEE Symposium on …, 2019 - ieeexplore.ieee.org
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, i.e., indirect …
Native Client is a sandbox for untrusted x86 native code. It aims to give browser-based applications the computational performance of native applications without compromising …