S Liu, D Zeng, Y Huang, F Capobianco… - Proceedings of the …, 2019 - dl.acm.org
Privilege separation is an effective technique to improve software security. However, past partitioning systems do not allow programmers to make quantitative tradeoffs between …
K Lu - 2023 IEEE Symposium on Security and Privacy (SP), 2023 - ieeexplore.ieee.org
Today's software programs are bloating and have become extremely complex. As there is typically no internal isolation among modules in a program, a vulnerability can be exploited …
D Brumley, D Song - USENIX Security Symposium, 2004 - usenix.org
Privilege separation partitions a single program into two parts: a privileged program called the monitor and an unprivileged program called the slave. All trust and privileges are …
Using memory after it has been freed opens programs up to both data and control-flow exploits. Recent work on temporal memory safety has focused on using explicit lock-and-key …
SH Yong, S Horwitz - Proceedings of the 9th European software …, 2003 - dl.acm.org
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by malicious code. The most common attacks use an unchecked string copy to …
We present the design, implementation, and evaluation of SysXCHG: a system call (syscall) filtering enforcement mechanism that enables programs to run in accordance with the …
Y Wu, J Sun, Y Liu, JS Dong - 2013 28th IEEE/ACM …, 2013 - ieeexplore.ieee.org
The principle of least privilege requires that software components should be granted only necessary privileges, so that compromising one component does not lead to compromising …
A Bhattacharyya, F Hofhammer, Y Li… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Modern programs are monolithic, combining code of varied provenance without isolation, all the while running on network-connected devices. A vulnerability in any component may …
A Kwon, U Dhawan, JM Smith, TF Knight Jr… - Proceedings of the 2013 …, 2013 - dl.acm.org
Referencing outside the bounds of an array or buffer is a common source of bugs and security vulnerabilities in today's software. We can enforce spatial safety and eliminate these …