Add to ORKGCompilers are at the foundation of software security. On the one hand, compilers are an ideal place to secure software due to their knowledge of the programs under protection and their minimal requirements of developer efforts. We designed and implemented a highly efficient compiler-based Control-Flow Integrity (CFI) scheme for C++ virtual calls. The scheme introduces minimal performance and code bloat overhead even for programs that use virtual calls heavily, which make it more likely to be deployed to real-world programs that have strict requirements on performance and code size. On the other hand, compilers can also be detrimental to software security. We explored this direction by investigating the security implications of the dead stor...
In this work, we present several compiler optimizations to reduce the overhead due to software prote...
Abstract—Several defenses have increased the cost of tradi-tional, low-level attacks that corrupt co...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
Compilers are at the foundation of software security. On the one hand, compilers are an ideal place ...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
Presented on February 7, 2020 at 12:00 p.m. in the CODA building, 9th floor block atrium.Michael D. ...
Memory corruption attacks have haunted computer systems for decades. Attackers abuse subtle bugs in ...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract—There is a significant body of work devoted to testing, verifying, and certifying the corre...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
In this work, we present several compiler optimizations to reduce the overhead due to software prote...
Abstract—Several defenses have increased the cost of tradi-tional, low-level attacks that corrupt co...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
Compilers are at the foundation of software security. On the one hand, compilers are an ideal place ...
Systems software written in C/C++ is plagued by bugs, which attackers exploit to gain control of sys...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
Presented on February 7, 2020 at 12:00 p.m. in the CODA building, 9th floor block atrium.Michael D. ...
Memory corruption attacks have haunted computer systems for decades. Attackers abuse subtle bugs in ...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract—There is a significant body of work devoted to testing, verifying, and certifying the corre...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
There is implicit trust involved when using computer software. Open-source software attempts to insp...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
In this work, we present several compiler optimizations to reduce the overhead due to software prote...
Abstract—Several defenses have increased the cost of tradi-tional, low-level attacks that corrupt co...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...