Nowadays, the growing pervasiveness of digital components and their interconnection in the so-called Internet of Things, raises serious questions regarding security and integrity not only of the data exchanged, but also of the devices themselves and the software they run. Code-Reuse Attacks (CRA) are one of the most powerful binary attack paradigms, aiming to exploit memory vulnerabilities such as buffer overflows to force the application to execute an unintended sequence of instructions present in memory. To counter such a kind of attacks, ensuring the program’s control-flow integrity (CFI) appears to be the most promising solution presented so far. A plethora of CFI implementations have been offered in the literature and by vendors, base...
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute ...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilitie...
Since the widespread adoption of the internet, computer security has become one of the primary conce...
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-crit...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
CFI is a computer security technique that detects runtime attacks by monitoring a program's branchin...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute ...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilitie...
Since the widespread adoption of the internet, computer security has become one of the primary conce...
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-crit...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
CFI is a computer security technique that detects runtime attacks by monitoring a program's branchin...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute ...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...