[PDF][PDF] Verified security for the Morello capability-enhanced prototype Arm architecture
T Bauereiss, B Campbell, T Sewell… - European …, 2022 - library.oapen.org
Memory safety bugs continue to be a major source of security vulnerabilities in our critical
infrastructure. The CHERI project has proposed extending conventional architectures with …
infrastructure. The CHERI project has proposed extending conventional architectures with …
Everything you want to know about pointer-based checking
S Nagarakatte, MMK Martin… - 1st Summit on Advances …, 2015 - drops.dagstuhl.de
Lack of memory safety in C/C++ has resulted in numerous security vulnerabilities and
serious bugs in large software systems. This paper highlights the challenges in enforcing …
serious bugs in large software systems. This paper highlights the challenges in enforcing …
Runtime detection of memory errors with smart status
C is a dominant language for implementing system software. Unfortunately, its support for
low-level control of memory often leads to memory errors. Dynamic analysis tools, which …
low-level control of memory often leads to memory errors. Dynamic analysis tools, which …
A smart status based monitoring algorithm for the dynamic analysis of memory safety
C is a dominant programming language for implementing system and low-level embedded
software. Unfortunately, the unsafe nature of its low-level control of memory often leads to …
software. Unfortunately, the unsafe nature of its low-level control of memory often leads to …
Boosting the precision of virtual call integrity protection with partial pointer analysis for C++
We present, VIP, an approach to boosting the precision of Virtual call Integrity Protection for
large-scale real-world C++ programs (eg, Chrome) by using pointer analysis for the first …
large-scale real-world C++ programs (eg, Chrome) by using pointer analysis for the first …
UFO: predictive concurrency use-after-free detection
J Huang - Proceedings of the 40th International Conference on …, 2018 - dl.acm.org
Use-After-Free (UAF) vulnerabilities are caused by the program operating on a dangling
pointer and can be exploited to compromise critical software systems. While there have …
pointer and can be exploited to compromise critical software systems. While there have …
If it's not secure, it should not compile: Preventing DOM-based XSS in large-scale web development with API hardening
With tons of efforts spent on its mitigation, Cross-site scripting (XSS) remains one of the most
prevalent security threats on the internet. Decades of exploitation and remediation …
prevalent security threats on the internet. Decades of exploitation and remediation …
Automated Use-After-Free Detection and Exploit Mitigation: How Far Have We Gone?
C/C++ programs frequently encounter memory errors, such as Use-After-Free (UAF), buffer
overflow, and integer overflow. Among these memory errors, UAF vulnerabilities are …
overflow, and integer overflow. Among these memory errors, UAF vulnerabilities are …
PDL: scaffolding problem solving in programming courses
Programming tasks provide an opportunity for students to improve their problem-solving
skills (PSS). However, when programming tasks are challenging, students could become …
skills (PSS). However, when programming tasks are challenging, students could become …
Towards End-to-End Verified TEEs via Verified Interface Conformance and Certified Compilers
F Derakhshan, Z Zhang… - 2023 IEEE 36th …, 2023 - ieeexplore.ieee.org
Trusted Execution Environments (TEE) are ubiq-uitous. They form the highest privileged
software component of the platform with full access to the system and associated devices …
software component of the platform with full access to the system and associated devices …