Abstract. Applications written in low-level languages without type or memory safety are prone to memory corruption. Attackers gain code execution capabilities through memory corruption despite all currently deployed defenses. Control-Flow Integrity (CFI) is a promising security property that restricts indirect control-flow transfers to a static set of well-known locations. We present Lockdown, a modular, fine-grained CFI policy that pro-tects binary-only applications and libraries without requiring source-code. Lockdown adaptively discovers the control-flow graph of a running process based on the executed code. The sandbox component of Lock-down restricts interactions between different shared objects to imported and exported functions by en...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Control-Flow Integrity (CFI) is a defense which pre-vents control-flow hijacking attacks. While rece...
Applications written in low-level languages without type or memory safety are especially prone to me...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control flow integrity (CFI) has been proposed as an approach to defend against control-hijacking me...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Control-Flow Integrity (CFI) is a defense which pre-vents control-flow hijacking attacks. While rece...
Applications written in low-level languages without type or memory safety are especially prone to me...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control flow integrity (CFI) has been proposed as an approach to defend against control-hijacking me...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Control-Flow Integrity (CFI) is a defense which pre-vents control-flow hijacking attacks. While rece...