Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so that its execution always follows a predetermined Control-Flow Graph (CFG). As a result, CFI is ef-fective at preventing control-flow hijacking attacks. However, past fine-grained CFI implementations do not support separate compi-lation, which hinders its adoption. We present Modular Control-Flow Integrity (MCFI), a new CFI technique that supports separate compilation. MCFI allows mod-ules to be independently instrumented and linked statically or dy-namically. The combined module enforces a CFG that is a combi-nation of the individual modules ’ CFGs. One challenge in support-ing dynamic linking in multithreaded code is how to ensure a safe tr...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
© Springer International Publishing AG, part of Springer Nature 2018. Through memory vulnerabilities...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Control flow integrity (CFI) has been proposed as an approach to defend against control-hijacking me...
A popular software attack on a program is by transferring the program control to malicious code inse...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
© Springer International Publishing AG, part of Springer Nature 2018. Through memory vulnerabilities...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Control flow integrity (CFI) has been proposed as an approach to defend against control-hijacking me...
A popular software attack on a program is by transferring the program control to malicious code inse...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...