From hack to elaborate technique—a survey on binary rewriting
M Wenzl, G Merzdovnik, J Ullrich… - ACM Computing Surveys …, 2019 - dl.acm.org
Binary rewriting is changing the semantics of a program without having the source code at
hand. It is used for diverse purposes, such as emulation (eg, QEMU), optimization (eg …
hand. It is used for diverse purposes, such as emulation (eg, QEMU), optimization (eg …
{Control-Flow} bending: On the effectiveness of {Control-Flow} integrity
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …
Code-pointer integrity
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …
Control flow and code integrity for COTS binaries: An effective defense against real-world ROP attacks
Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …
most serious security threats faced today. They are highly sought after by attackers, as they …
Type inference on executables
J Caballero, Z Lin - ACM Computing Surveys (CSUR), 2016 - dl.acm.org
In many applications, source code and debugging symbols of a target program are not
available, and the only thing that we can access is the program executable. A fundamental …
available, and the only thing that we can access is the program executable. A fundamental …
Practical control flow integrity and randomization for binary executables
Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …
hijacking attacks. However, performance and compatibility issues limit its adoption. We …
SoK: Automated software diversity
The idea of automatic software diversity is at least two decades old. The deficiencies of
currently deployed defenses and the transition to online software distribution (the" App store" …
currently deployed defenses and the transition to online software distribution (the" App store" …
The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86)
H Shacham - Proceedings of the 14th ACM conference on Computer …, 2007 - dl.acm.org
We present new techniques that allow a return-into-libc attack to be mounted on x86
executables that calls no functions at all. Our attack combines a large number of short …
executables that calls no functions at all. Our attack combines a large number of short …
SoK: Shining light on shadow stacks
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs.
Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, ie, indirect …
Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, ie, indirect …
Native client: A sandbox for portable, untrusted x86 native code
Native Client is a sandbox for untrusted x86 native code. It aims to give browser-based
applications the computational performance of native applications without compromising …
applications the computational performance of native applications without compromising …