FineIBT: Fine-grain Control-flow Enforcement with Indirect Branch Tracking

AJ Gaidis, J Moreira, K Sun, A Milburn… - Proceedings of the 26th …, 2023 - dl.acm.org
We present the design, implementation, and evaluation of FineIBT: a CFI enforcement
mechanism that improves the precision of hardware-assisted CFI solutions, like Intel IBT, by …

DOPE: DOmain protection enforcement with PKS

L Maar, M Schwarzl, F Rauscher, D Gruss… - Proceedings of the 39th …, 2023 - dl.acm.org
The number of Linux kernel vulnerabilities discovered has increased drastically over the
past years. In the kernel, even simple memory safety vulnerabilities can have devastating …

On Kernel's Safety in the Spectre Era (And KASLR is Formally Dead)

D Davoli, M Avanzini, T Rezk - Proceedings of the 2024 on ACM …, 2024 - dl.acm.org
The efficacy of address space layout randomization has been formally demonstrated in a
shared-memory model by Abadi et al., contingent on specific assumptions about victim …

Camouflage: Hardware-assisted CFI for the ARM Linux kernel

R Denis-Courmont, H Liljestrand… - 2020 57th ACM/IEEE …, 2020 - ieeexplore.ieee.org
Software control-flow integrity (CFI) solutions have been applied to the Linux kernel for
memory protection. Due to performance costs, deployed software CFI solutions are coarse …

Attacking TrustZone on devices lacking memory protection

R Stajnrod, R Ben Yehuda, NJ Zaidenberg - Journal of Computer Virology …, 2022 - Springer
ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor
cores. Some vendors offer ARM modules that do not fully comply with TrustZone …

Improving Indirect-Call Analysis in LLVM with Type and Data-Flow Co-Analysis

D Liu, S Ji, K Lu, Q He - 33rd USENIX Security Symposium (USENIX …, 2024 - usenix.org
Indirect function calls are widely used in building system software like OS kernels for their
high flexibility and performance. Statically resolving indirect-call targets has been known to …

EPF: Evil Packet Filter

D Jin, V Atlidakis, VP Kemerlis - 2023 USENIX Annual Technical …, 2023 - usenix.org
The OS kernel is at the forefront of a system's security. Therefore, its own security is crucial
for the correctness and integrity of user applications. With a plethora of bugs continuously …

Control-flow integrity: Attacks and protections

S Sayeed, H Marco-Gisbert, I Ripoll, M Birch - Applied Sciences, 2019 - mdpi.com
Despite the intense efforts to prevent programmers from writing code with memory errors,
memory corruption vulnerabilities are still a major security threat. Consequently, control-flow …

Fast intra-kernel isolation and security with IskiOS

S Gravani, M Hedayati, J Criswell… - Proceedings of the 24th …, 2021 - dl.acm.org
The kernels of operating systems such as Windows, Linux, and MacOS are vulnerable to
control-flow hijacking. Defenses exist, but many require efficient intra-address-space …

IskiOS: Lightweight defense against kernel-level code-reuse attacks

S Gravani, M Hedayati, J Criswell… - arXiv preprint arXiv …, 2019 - urresearch.rochester.edu