Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs.
Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, ie, indirect …

The C and C++ programming languages are notoriously insecure yet remain indispensable.
Developers therefore resort to a multi-pronged approach to find security issues before …

Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …

The goal of control-flow integrity (CFI) is to stop control-hijacking attacks by ensuring that
each indirect control-flow transfer (ICT) jumps to its legitimate target. However, existing …

Memory safety is a key security property that stops memory corruption vulnerabilities.
Different types of memory safety enforcement solutions have been proposed and adopted by …

Use-after-free vulnerabilities due to dangling pointers are an important and growing threat to
systems security. While various solutions exist to address this problem, none of them is …

Directed fuzzing focuses on automatically testing specific parts of the code by taking
advantage of additional information such as (partial) bug stack trace, patches or risky …

A lack of temporal safety in low-level languages has led to an epidemic of use-after-free
exploits. These have surpassed in number and severity even the infamous buffer-overflow …

Use-after-free violations of temporal memory safety continue to plague software systems,
underpinning many high-impact exploits. The CHERI capability system shows great promise …

Capability architectures for memory safety have traditionally required expanding pointers
and radically changing microarchitectural structures throughout processors, while only …