Intelligent vehicles are advancing at a fast speed with the improvement of automation and
connectivity, which opens up new possibilities for different cyber-attacks, including in-vehicle …

The advent of the Android system has brought smartphone technology to the doorsteps of
the masses. The latest technologies have made it affordable for every section of the society …

As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …

Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Memory corruption bugs in software written in low-level languages like C or C++ are one of
the oldest problems in computer security. The lack of safety in these languages allows …

Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …

Return-oriented programming is an effective code-reuse attack in which short code
sequences ending in a ret instruction are found within existing binaries and executed in …

The serious bugs and security vulnerabilities facilitated by C/C++'s lack of bounds checking
are well known, yet C and C++ remain in widespread use. Unfortunately, C's arbitrary …

The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …