Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present HAFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). HAFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the impleme...
Code reuse techniques can circumvent existing security measures. For example, attacks such as Return...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
This book provides an in-depth look at return-oriented programming attacks. It explores several conv...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
Code reuse techniques can circumvent existing security measures. For example, attacks such as Return...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
This book provides an in-depth look at return-oriented programming attacks. It explores several conv...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
Code reuse techniques can circumvent existing security measures. For example, attacks such as Return...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Return-oriented programming (ROP) offers a robust attack technique that has, not surprisingly, been ...