Code-pointer integrity

V Kuznetzov, L Szekeres, M Payer, G Candea… - The Continuing Arms …, 2018 - dl.acm.org
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) …

SoK: All you ever wanted to know about x86/x64 binary disassembly but were afraid to ask

C Pang, R Yu, Y Chen, E Koskinen… - … IEEE symposium on …, 2021 - ieeexplore.ieee.org
Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …

xMP: Selective memory protection for kernel and user space

S Proskurin, M Momeu, S Ghavamnia… - … IEEE Symposium on …, 2020 - ieeexplore.ieee.org
Attackers leverage memory corruption vulnerabilities to establish primitives for reading from
or writing to the address space of a vulnerable process. These primitives form the foundation …

Speculative probing: Hacking blind in the Spectre era

E Göktas, K Razavi, G Portokalidis, H Bos… - Proceedings of the 2020 …, 2020 - dl.acm.org
To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization
schemes, modern software exploits rely on information disclosure to locate gadgets inside …

Compiler-assisted code randomization

H Koo, Y Chen, L Lu, VP Kemerlis… - … IEEE symposium on …, 2018 - ieeexplore.ieee.org
Despite decades of research on software diversification, only address space layout
randomization has seen widespread adoption. Code randomization, an effective defense …

Function interface analysis: A principled approach for function recognition in COTS binaries

R Qiao, R Sekar - 2017 47th Annual IEEE/IFIP International …, 2017 - ieeexplore.ieee.org
Function recognition is one of the key tasks in binary analysis, instrumentation and reverse
engineering. Previous approaches for this problem have relied on matching code patterns …

Shredder: Breaking exploits through API specialization

S Mishra, M Polychronakis - Proceedings of the 34th Annual Computer …, 2018 - dl.acm.org
Code reuse attacks have been a threat to software security since the introduction of non-executable memory protections. Despite significant advances in various types of additional …

Practical fine-grained binary code randomization

S Priyadarshan, H Nguyen, R Sekar - Proceedings of the 36th Annual …, 2020 - dl.acm.org
Despite its effectiveness against code reuse attacks, fine-grained code randomization has
not been deployed widely due to compatibility as well as performance concerns. Previous …

What you can read is what you can't execute

YG Li, JZ Cai, Y Bao, YC Chung - Computers & Security, 2023 - Elsevier
Due to the address space layout randomization (ASLR), code reuse attacks (CRAs) require
memory probes to get available gadgets. Code reading is the basic way to obtain code …

NoJITsu: Locking Down JavaScript Engines

T Park, K Dhondt, D Gens, Y Na, S Volckaert, M Franz - NDSS, 2020 - cseweb.ucsd.edu
Data-only attacks against dynamic scripting environments have become common. Web
browsers and other modern applications embed scripting engines to support interactive …