Current Control-Flow Integrity (CFI) implementations track control edges individually, insensitive to the context of pre-ceding edges. Recent work demonstrates that this leaves suf-ficient leeway for powerful ROP attacks. Context-sensitive CFI, which can provide enhanced security, is widely consid-ered impractical for real-world adoption. Our work shows that Context-sensitive CFI (CCFI) for both the backward and forward edge can be implemented efficiently on com-modity hardware. We present PathArmor, a binary-level CCFI implementation which tracks paths to sensitive pro-gram states, and defines the set of valid control edges within the state context to yield higher precision than existing CFI implementations. Even with simple context-sensit...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current Control-Flow Integrity (CFI) implementations track control edges individually, insensitive t...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
© Springer International Publishing AG, part of Springer Nature 2018. Through memory vulnerabilities...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CR...
© 2018 Authors. Per-Input Control Flow Integrity (PICFI) represents a recent advance in dynamic CFI ...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
A popular software attack on a program is by transferring the program control to malicious code inse...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current Control-Flow Integrity (CFI) implementations track control edges individually, insensitive t...
Control-Flow Integrity (CFI) is an effective approach to mitigat-ing control-flow hijacking attacks....
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
© Springer International Publishing AG, part of Springer Nature 2018. Through memory vulnerabilities...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Control Flow Integrity (CFI) is one of the most promising technique to defend Code-Reuse Attacks (CR...
© 2018 Authors. Per-Input Control Flow Integrity (PICFI) represents a recent advance in dynamic CFI ...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
A popular software attack on a program is by transferring the program control to malicious code inse...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...