During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particularly, an attacker often exploits a vulnerability within a program, hijacks control-flow, and executes malicious code. Data Execution Prevention (DEP), a hardware-enforced security feature, prevents an attacker from directly executing the injected malicious code. Therefore, attackers have resorted to code-reuse attacks, wherein carefully chosen fragments of code within existing code sections of a program are sequentially executed to accomplish malicious logic. Code-reuse attacks are ubiquitous and account for majority of the attacks in the wild. On one hand, due to the wide use of closed-source software, binary-level solutions are essential. ...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Ensuring the security and integrity of computer systems de-ployed on the Internet is growing harder....
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
This book provides an in-depth look at return-oriented programming attacks. It explores several conv...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
When exploiting software vulnerabilities such as buffer overflows, code reuse techniques are often u...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Ensuring the security and integrity of computer systems de-ployed on the Internet is growing harder....
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
This book provides an in-depth look at return-oriented programming attacks. It explores several conv...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
When exploiting software vulnerabilities such as buffer overflows, code reuse techniques are often u...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Ensuring the security and integrity of computer systems de-ployed on the Internet is growing harder....
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...