Code-reuse attacks are the leading mechanism by which attackers infiltrate systems. Various mitigation techniques have been proposed to defend against these attacks, the most prominent one being control-flow integrity (CFI). CFI is a principled approach that restricts all indirect control flows to adhere to a statically determined control-flow graph (CFG). CFI has gained widespread adoption in industry -- such as Microsoft Control Flow Guard and Intel Control-flow Enforcement Technology. However, recent attacks dubbed CFG mimicry attacks, like control flow bending and counterfeit object-oriented programming, have shown that code-reuse attacks are still possible without violating CFI. Furthermore, data-oriented programming (DOP) has generali...
The Snowden revelations of 2013 have shed some light on the extent of state-performed mass surveilla...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
User authentication is used to verify the identify of individuals attempting to gain access to a cer...
Computer security is a topic of paramount importance in computing today. Though enormous effort has ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Part 6: Source Code SecurityInternational audienceDespite being a more than 40-year-old dark art, co...
Hardware security is a serious emerging concern in chip designs and applications. Due to the globali...
Control-Flow Integrity (CFI) is effective at defending against prevalent control-flow hijacking atta...
Artificial faults have been proven useful to ensure software quality, enabling the simulation of its...
Protecting computing systems against cyberattacks should be put high on the agenda. For example, Col...
This dissertation is concerned with static analysis of binary executables in a theoretically well-fo...
The Snowden revelations of 2013 have shed some light on the extent of state-performed mass surveilla...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
User authentication is used to verify the identify of individuals attempting to gain access to a cer...
Computer security is a topic of paramount importance in computing today. Though enormous effort has ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Part 6: Source Code SecurityInternational audienceDespite being a more than 40-year-old dark art, co...
Hardware security is a serious emerging concern in chip designs and applications. Due to the globali...
Control-Flow Integrity (CFI) is effective at defending against prevalent control-flow hijacking atta...
Artificial faults have been proven useful to ensure software quality, enabling the simulation of its...
Protecting computing systems against cyberattacks should be put high on the agenda. For example, Col...
This dissertation is concerned with static analysis of binary executables in a theoretically well-fo...
The Snowden revelations of 2013 have shed some light on the extent of state-performed mass surveilla...
During a cyber-attack, an adversary executes offensive maneuvers to target computer systems. Particu...
User authentication is used to verify the identify of individuals attempting to gain access to a cer...