Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (JOP) attacks, have become a great threat to the runtime security of ARM-based Internet of Things (IoT) devices. Attackers can utilize CRAs to hijack the control flow of programs in ARM-based IoT devices to make them perform malicious actions without injecting any codes. Control flow integrity (CFI) is an important cornerstone for the security of ARM-based IoT devices, as it enforces the correct control flow of devices and defends against CRAs. However, coarse-grained CFI schemes suffer from security issues, like key leakage and coarse-grained protection, which allows attackers to bypass their defenses. Meanwhile, fine-grained CFI schemes brin...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Nowadays, the growing pervasiveness of digital components and their interconnection in the so-called...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Software attacks like worm, botnet, and DDoS are the increasingly serious problems in IoT, which had...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Nowadays, the growing pervasiveness of digital components and their interconnection in the so-called...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Defenses such as Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), and sta...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Software attacks like worm, botnet, and DDoS are the increasingly serious problems in IoT, which had...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Runtime and control-flow attacks (such as code injection or return-oriented programming) constitute ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...