We present a new system, KCoFI, that is the first we know of to provide complete Control-Flow Integrity protection for commodity operating systems without using heavyweight complete memory safety. Unlike previous systems, KCoFI protects commodity operating systems from classical control-flow hijack attacks, return-to-user attacks, and code segment modification attacks. We formally verify a subset of KCoFI’s design by modeling several features in small-step semantics and providing a partial proof that the semantics maintain control-flow integrity. The model and proof account for operations such as page table management, trap handlers, context switching, and signal delivery. Our evaluation shows that KCoFI prevents all the gadgets found by a...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Control-Flow Integrity (CFI) is a popular technique to defend against State-of-the-Art exploits, b...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...