[HTML][HTML] Diversification and obfuscation techniques for software security: A systematic literature review
Context: Diversification and obfuscation are promising techniques for securing software and
protecting computers from harmful malware. The goal of these techniques is not removing …
protecting computers from harmful malware. The goal of these techniques is not removing …
Code-pointer integrity
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …
[PDF][PDF] ASLR on the Line: Practical Cache Attacks on the MMU.
Address space layout randomization (ASLR) is an important first line of defense against
memory corruption attacks and a building block for many modern countermeasures. Existing …
memory corruption attacks and a building block for many modern countermeasures. Existing …
[PDF][PDF] SANCTUARY: ARMing TrustZone with User-space Enclaves.
ARM TrustZone is one of the most widely deployed security architecture providing Trusted
Execution Environments (TEEs). Unfortunately, its usage and potential benefits for …
Execution Environments (TEEs). Unfortunately, its usage and potential benefits for …
Breaking kernel address space layout randomization with intel tsx
Kernel hardening has been an important topic since many applications and security
mechanisms often consider the kernel as part of their Trusted Computing Base (TCB) …
mechanisms often consider the kernel as part of their Trusted Computing Base (TCB) …
Shuffler: fast and deployable continuous code {re-randomization}
D Williams-King, G Gobieski, K Williams-King… - … USENIX Symposium on …, 2016 - usenix.org
While code injection attacks have been virtually eliminated on modern systems, programs
today remain vulnerable to code reuse attacks. Particularly pernicious are Just-In-Time ROP …
today remain vulnerable to code reuse attacks. Particularly pernicious are Just-In-Time ROP …
No need to hide: Protecting safe regions on commodity hardware
As modern 64-bit x86 processors no longer support the segmentation capabilities of their 32-
bit predecessors, most research projects assume that strong in-process memory isolation is …
bit predecessors, most research projects assume that strong in-process memory isolation is …
Protecting bare-metal embedded systems with privilege overlays
AA Clements, NS Almakhdhub, KS Saab… - … IEEE Symposium on …, 2017 - ieeexplore.ieee.org
Embedded systems are ubiquitous in every aspect of modern life. As the Internet of Thing
expands, our dependence on these systems increases. Many of these interconnected …
expands, our dependence on these systems increases. Many of these interconnected …
Retrofitting fine grain isolation in the Firefox renderer
Firefox and other major browsers rely on dozens of third-party libraries to render audio,
video, images, and other content. These libraries are a frequent source of vulnerabilities. To …
video, images, and other content. These libraries are a frequent source of vulnerabilities. To …
Speculative probing: Hacking blind in the Spectre era
To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization
schemes, modern software exploits rely on information disclosure to locate gadgets inside …
schemes, modern software exploits rely on information disclosure to locate gadgets inside …