Abstract—Software running on an open architecture, such as the PC, is vulnerable to inspection and modification. Since software may process valuable or sensitive information, many de-fenses against data analysis and modification have been proposed. This paper complements existing work and focuses on hiding data location throughout program execution. To achieve this, we combine three techniques: (i) periodic reordering of the heap, (ii) migrating local variables from the stack to the heap and (iii) pointer scrambling. By essentialy flattening the dataflow graph of the program, the techniques serve to complicate static dataflow analysis and dynamic data tracking. Our methodology can be viewed as a data-oriented analogue of control-flow flatte...
sbhatkar,dand,sekar¡ Attacks which exploit memory programming errors (such as buffer overflows) are ...
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by ma...
Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the develop...
Software running on an open architecture, such as the PC, is vulnerable to inspection and modificatio...
Data-oriented exploits are growing in popularity as defenders are closing attack vectorsrelated to c...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attacker...
Abstract. Protecting a software from unauthorized access is an ever de-manding task. Thus, in this p...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Recent micro-architectural research has proposed various schemes to enhance processors with addition...
Abstract. We present a hybrid approach to information flow security where security violations are de...
sbhatkar,dand,sekar¡ Attacks which exploit memory programming errors (such as buffer overflows) are ...
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by ma...
Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the develop...
Software running on an open architecture, such as the PC, is vulnerable to inspection and modificatio...
Data-oriented exploits are growing in popularity as defenders are closing attack vectorsrelated to c...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attacker...
Abstract. Protecting a software from unauthorized access is an ever de-manding task. Thus, in this p...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Recent micro-architectural research has proposed various schemes to enhance processors with addition...
Abstract. We present a hybrid approach to information flow security where security violations are de...
sbhatkar,dand,sekar¡ Attacks which exploit memory programming errors (such as buffer overflows) are ...
Writes via unchecked pointer dereferences rank high among vulnerabilities most often exploited by ma...
Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the develop...