Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its enforcement can defeat most injected and existing code attacks, in-cluding those based on Return-Oriented Programming (ROP). Previous implementations of CFI have required compiler support or the presence of relocation or debug information in the binary. In contrast, we present a tech-nique for applying CFI to stripped binaries on x86/Linux. Ours is the first work to apply CFI to complex shared libraries such as glibc. Through experimental evalu-ation, we demonstrate that our CFI implementation is effective against control-flow hijack attacks, and elimi-nates the vast majority of ROP gadgets. To achieve this result, we have developed robust tech...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CR...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is a defense which pre-vents control-flow hijacking attacks. While rece...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CR...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is a defense which pre-vents control-flow hijacking attacks. While rece...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CR...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...