Return-to-user (ret2usr) attacks redirect corrupted kernel pointers to data residing in user space. In response, sev-eral kernel-hardening approaches have been proposed to enforce a more strict address space separation, by pre-venting arbitrary control flow transfers and dereferences from kernel to user space. Intel and ARM also recently introduced hardware support for this purpose in the form of the SMEP, SMAP, and PXN processor features. Un-fortunately, although mechanisms like the above prevent the explicit sharing of the virtual address space among user processes and the kernel, conditions of implicit shar-ing still exist due to fundamental design choices that trade stronger isolation for performance. In this work, we demonstrate how im...
Monolithic kernels have been the traditional design choice of many modern operating systems for prac...
Code reuse attacks allow an adversary to impose malicious behavior on an otherwise benign program. T...
As network, I/O, accelerator, and NVM devices capable of a million operations per second make their ...
Return-to-user (ret2usr) attacks redirect corrupted kernel pointers to data residing in user space. ...
Today’s operating systems are large, complex, and plagued with vulnerabilities that allow perpetrato...
Return-to-user (ret2usr) attacks exploit the operating sys-tem kernel, enabling local users to hijac...
Return-to-user (ret2usr) attacks exploit the operating sys-tem kernel, enabling local users to hijac...
Modern operating systems use hardware support to protect against control flow hijacking attacks such...
Commodity operating systems such as Windows, Linux, and MacOS X form the Trusted Computing Base (TCB...
ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attac...
Recent operating systems (OSs) have adopted a defense mechanism called kernel page table isolation (...
Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly importan...
Kernel Address Space Layout Randomization (KASLR) has been repeatedly targeted by side-channel attac...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address sp...
Monolithic kernels have been the traditional design choice of many modern operating systems for prac...
Code reuse attacks allow an adversary to impose malicious behavior on an otherwise benign program. T...
As network, I/O, accelerator, and NVM devices capable of a million operations per second make their ...
Return-to-user (ret2usr) attacks redirect corrupted kernel pointers to data residing in user space. ...
Today’s operating systems are large, complex, and plagued with vulnerabilities that allow perpetrato...
Return-to-user (ret2usr) attacks exploit the operating sys-tem kernel, enabling local users to hijac...
Return-to-user (ret2usr) attacks exploit the operating sys-tem kernel, enabling local users to hijac...
Modern operating systems use hardware support to protect against control flow hijacking attacks such...
Commodity operating systems such as Windows, Linux, and MacOS X form the Trusted Computing Base (TCB...
ROP attack introduced briefly in this paper is a serious threat to compute systems. Kernel ROP attac...
Recent operating systems (OSs) have adopted a defense mechanism called kernel page table isolation (...
Countermeasures against kernel vulnerability attacks on an operating system (OS) are highly importan...
Kernel Address Space Layout Randomization (KASLR) has been repeatedly targeted by side-channel attac...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address sp...
Monolithic kernels have been the traditional design choice of many modern operating systems for prac...
Code reuse attacks allow an adversary to impose malicious behavior on an otherwise benign program. T...
As network, I/O, accelerator, and NVM devices capable of a million operations per second make their ...