Polymorphism and inheritance make C++ suitable for writing complex software, but significantly increase the attack surface because the implementation relies on virtual function tables (vtables). These vtables contain function pointers that attackers can potentially hijack and in practice, vtable hijacking is one of the most important attack vector for C++ binaries. In this paper, we present VTable Pointer Separation (vps), a practical binary-level defense against vtable hijacking in C++ applications. Unlike previous binary-level defenses, which rely on unsound static analyses to match classes to virtual callsites, vps achieves a more accurate protection by restricting virtual callsites to validly created objects. More specifically, vps ensu...
Systems code is often written in low-level languages like C/C++, which offer many benefits but also ...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Memory corruption vulnerabilities, such as stack-based buffer overflows, continue to be a major thre...
Polymorphism and inheritance make C++ suitable for writing complex software, but significantly incre...
Abstract-Several defenses have increased the cost of traditional, low-level attacks that corrupt con...
Web browsers are one of the most used, complex and popular software systems nowadays. They are prone...
© 2017 Association for Computing Machinery. We present, Vip, an approach to boosting the precision o...
VTable hijacking has lately been promoted to the de facto technique for exploiting C++ applications,...
VTable hijacking has lately been promoted to the de facto technique for exploiting C++ applications,...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
We present, Vip, an approach to boosting the precision of Virtual call Integrity Protection for larg...
Evaluation data of the published paper: "VPS: Excavating High-Level C++ Constructs from Low-Level Bi...
Code reuse attacks such as return-oriented programming (ROP) have become prevalent techniques to exp...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Memory corruption attacks have haunted computer systems for decades. Attackers abuse subtle bugs in ...
Systems code is often written in low-level languages like C/C++, which offer many benefits but also ...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Memory corruption vulnerabilities, such as stack-based buffer overflows, continue to be a major thre...
Polymorphism and inheritance make C++ suitable for writing complex software, but significantly incre...
Abstract-Several defenses have increased the cost of traditional, low-level attacks that corrupt con...
Web browsers are one of the most used, complex and popular software systems nowadays. They are prone...
© 2017 Association for Computing Machinery. We present, Vip, an approach to boosting the precision o...
VTable hijacking has lately been promoted to the de facto technique for exploiting C++ applications,...
VTable hijacking has lately been promoted to the de facto technique for exploiting C++ applications,...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
We present, Vip, an approach to boosting the precision of Virtual call Integrity Protection for larg...
Evaluation data of the published paper: "VPS: Excavating High-Level C++ Constructs from Low-Level Bi...
Code reuse attacks such as return-oriented programming (ROP) have become prevalent techniques to exp...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Memory corruption attacks have haunted computer systems for decades. Attackers abuse subtle bugs in ...
Systems code is often written in low-level languages like C/C++, which offer many benefits but also ...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Memory corruption vulnerabilities, such as stack-based buffer overflows, continue to be a major thre...