We provide an overall description of the Ciao multiparadigm programming system
emphasizing some of the novel aspects and motivations behind its design and …

The maturation of the Web platform has given rise to sophisticated and demanding Web
applications such as interactive 3D visualization, audio and video software, and games. With …

Buffer overflow vulnerabilities are among the most widespread of security problems.
Numerous incidents of buffer overflow attacks have been reported and many solutions have …

Rust is a new systems programming language that promises to overcome the seemingly
fundamental tradeoff between high-level safety guarantees and low-level control over …

As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …

Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Memory corruption bugs in software written in low-level languages like C or C++ are one of
the oldest problems in computer security. The lack of safety in these languages allows …

CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating
system to support fine-grained, capability-based memory protection to mitigate memory …

Motivated by contemporary security challenges, we reevaluate and refine capability-based
addressing for the RISC era. We present CHERI, a hybrid capability model that extends the …