Add to ORKGSubverting runtime data flow is common in many current software attacks. Data Flow Integrity (DFI) is a policy whose satisfaction can prevent such attacks. This paper develops a formal foundation on DFI specification, and characteristics of its enforcement techniques with formulations of hypotheses and guarantees. Enforcement techniques are based on static analysis and program monitoring at runtime. This foundation can be used for practical satisfaction of DFI and help establish guarantees in every applied platform
Properties of programs can be formulated using various techniques: dataflow analysis, abstract inter...
Sensitive information is a crucial asset for both individuals and companies. Since it is processed i...
Recent years have seen a proliferation of research on information flow control. While the progress h...
Data flow integrity enforcement overview Data flow integrity enforcement uses static analysis to com...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attacker...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
The emergence of Real-Time Systems with increased connections to their environment has led to a grea...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control flow integrity or CFI has emerged as an important technique forpreventing attacks on softwar...
Computer security is a very critical problem these days, as it has widespread consequences in case o...
This poster discusses a strategy for automatic whitelist generation and enforcement using techniques...
Data-oriented attacks, where the adversary corrupts critical program data in memory, remain one of t...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
Since the integrity policy model has been proposed, its maturity has always been lower than that of ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Properties of programs can be formulated using various techniques: dataflow analysis, abstract inter...
Sensitive information is a crucial asset for both individuals and companies. Since it is processed i...
Recent years have seen a proliferation of research on information flow control. While the progress h...
Data flow integrity enforcement overview Data flow integrity enforcement uses static analysis to com...
Software attacks often subvert the intended data-flow in a vulnerable program. For example, attacker...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
The emergence of Real-Time Systems with increased connections to their environment has led to a grea...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control flow integrity or CFI has emerged as an important technique forpreventing attacks on softwar...
Computer security is a very critical problem these days, as it has widespread consequences in case o...
This poster discusses a strategy for automatic whitelist generation and enforcement using techniques...
Data-oriented attacks, where the adversary corrupts critical program data in memory, remain one of t...
This thesis explores several ways to diversify the field of Information Flow Control. At the heart o...
Since the integrity policy model has been proposed, its maturity has always been lower than that of ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Properties of programs can be formulated using various techniques: dataflow analysis, abstract inter...
Sensitive information is a crucial asset for both individuals and companies. Since it is processed i...
Recent years have seen a proliferation of research on information flow control. While the progress h...