Add to ORKGWe present program shepherding, a method for monitoring control flow transfers dur-ing program execution in order to enforce a security policy. Program shepherding provides three basic techniques as building blocks for security policies. First, pro-gram shepherding can restrict execution privileges on the basis of code origins. This distinction can ensure that malicious code masquerading as data is never executed, thwarting a large class of security attacks. Second, shepherding can restrict control transfers based on instruction type, source, and target. Finally, shepherding guaran-tees that sandboxing checks around any program operation will never be bypassed. Security attacks use inevitable bugs in trusted binaries to coerce a program int...
International audienceMemory corruption attacks have been a major issue in software security for ove...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
International audienceMemory corruption attacks have been a major issue in software security for ove...
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer...
Abstract: Many modern embedded systems use networks to communicate. This increases the attack surfa...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
We present a simple architectural mechanism called dynamicinformation flow tracking that can signifi...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Recent micro-architectural research has proposed various schemes to enhance processors with addition...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
Software has an important role in many systems, in particular in critical systems where the correct ...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and ...
Part 6: Source Code SecurityInternational audienceDespite being a more than 40-year-old dark art, co...
International audienceMemory corruption attacks have been a major issue in software security for ove...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
International audienceMemory corruption attacks have been a major issue in software security for ove...
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer...
Abstract: Many modern embedded systems use networks to communicate. This increases the attack surfa...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
We present a simple architectural mechanism called dynamicinformation flow tracking that can signifi...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Recent micro-architectural research has proposed various schemes to enhance processors with addition...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
Software has an important role in many systems, in particular in critical systems where the correct ...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and ...
Part 6: Source Code SecurityInternational audienceDespite being a more than 40-year-old dark art, co...
International audienceMemory corruption attacks have been a major issue in software security for ove...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
International audienceMemory corruption attacks have been a major issue in software security for ove...