Software vulnerabilities widely exist among various software from operating system kernel to web browser, from PC to embedded device. The arms race is continuing between new vulnerability exploit techniques and new mitigations. The essential part of protecting software from compromising relies on system memory protection in specific ways. Addressing protection of system critical variables, heap layout, and user variables that are referenced freely from the kernel are the state-of-art challenges. This dissertation aims at protecting the above-mentioned vulnerabilities that exist in the wild and presents systematic mitigation solutions. For each specific vulnerability, our mitigation either leverages a new CPU features such as Intel SGX or an...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Unpredictable hardware faults and software bugs lead to application crashes, incorrect computations,...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Memory vulnerabilities and bugs become one of the most severe problem in today's system security.Due...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
The discrepancy between the abstract model used to reason about the security of computer systems and...
Memory forensics has become a powerful tool for the detection and analysis of malicious software. It...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
The security of computer systems depends in a fundamental way on the validity of assumptions made by...
One of the most prevalent, ancient and devastating vulnerabilities which is increasing rapidly is Me...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Memory corruption attacks on SCADA devices can cause significant dis- ruptions to control systems an...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
Unpredictable hardware faults and software bugs lead to application crashes, incorrect computations,...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Memory vulnerabilities and bugs become one of the most severe problem in today's system security.Due...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
The discrepancy between the abstract model used to reason about the security of computer systems and...
Memory forensics has become a powerful tool for the detection and analysis of malicious software. It...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
The security of computer systems depends in a fundamental way on the validity of assumptions made by...
One of the most prevalent, ancient and devastating vulnerabilities which is increasing rapidly is Me...
Adversaries exploit software vulnerabilities in modern software to compromise computer systems. Whil...
Memory corruption attacks on SCADA devices can cause significant dis- ruptions to control systems an...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...