Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking attacks. However, performance and compatibility issues limit its adoption. We propose a new practical and realistic protection method called CCFIR (Compact Control Flow Integrity and Randomization), which addresses the main barriers to CFI adoption. CCFIR collects all legal targets of indirect control-transfer instructions, puts them into a dedicated "Springboard section" in a random order, and then limits indirect transfers to flow only to them. Using the Springboard section for targets, CCFIR can validate a target more simply and faster than traditional CFI, and provide support for on-site target-randomization as well as better com...
Control-Flow Integrity (CFI) is an effective approach to mitigating control-flow hijacking attacks....
© Springer International Publishing AG, part of Springer Nature 2018. Through memory vulnerabilities...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Abstract—Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijac...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Constraining dynamic control transfers is a common technique for mitigating software vulnerabilitie...
Adversaries exploit memory corruption vulnerabilities to hijack a program’s control flow and gain a...
Abstract Constraining dynamic control transfers is a common technique for mitigating software vulner...
Control-Flow Integrity (CFI) has been recognized as an important low-level security property. Its en...
We present a new system, KCoFI, that is the first we know of to provide complete Control-Flow Integr...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...