P Bhat, K Dutta - ACM Computing Surveys (CSUR), 2019 - dl.acm.org
The advent of the Android system has brought smartphone technology to the doorsteps of the masses. The latest technologies have made it affordable for every section of the society …
H Hu, S Shinde, S Adrian, ZL Chua… - … IEEE Symposium on …, 2016 - ieeexplore.ieee.org
As control-flow hijacking defenses gain adoption, it is important to understand the remaining capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …
Memory corruption bugs in software written in low-level languages like C or C++ are one of the oldest problems in computer security. The lack of safety in these languages allows …
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking attacks. However, performance and compatibility issues limit its adoption. We …
Return-oriented programming is an effective code-reuse attack in which short code sequences ending in a ret instruction are found within existing binaries and executed in …
The serious bugs and security vulnerabilities facilitated by C/C++'s lack of bounds checking are well known, yet C and C++ remain in widespread use. Unfortunately, C's arbitrary …
The C and C++ programming languages are notoriously insecure yet remain indispensable. Developers therefore resort to a multi-pronged approach to find security issues before …