Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, techniques for securing embedded systems software have not been widely studied. Many existing security techniques for general-purpose computers rely on assumptions that do not hold in the embedded case. This paper focuses on one such technique, control-flow integrity (CFI), that has been vetted as an effective countermeasure against control-flow hijacking attacks on general-purpose computing systems. Without the process isolation and fine-grained memory protections provided by a general-purpose computer with a rich operating system, CFI cannot provide any security guarantees. This work proposes RECFISH, a system for providing CFI guarantees o...
Abstract—Control flow hijacking has been a major challenge in software security. Several means of pr...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
As embedded systems become more connected and more ubiquitous in mission- and safety-critical system...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
While security protections continue to be developed for general-purpose computers,real-time computin...
Devices built on embedded systems are widely used in our daily lives. Nowadays, firmware typically u...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-crit...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Abstract—Control flow hijacking has been a major challenge in software security. Several means of pr...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
As embedded systems become more connected and more ubiquitous in mission- and safety-critical system...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
While security protections continue to be developed for general-purpose computers,real-time computin...
Devices built on embedded systems are widely used in our daily lives. Nowadays, firmware typically u...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-crit...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Abstract—Control flow hijacking has been a major challenge in software security. Several means of pr...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...