Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on diverse processor architectures. Designing practical and secure defenses against code-reuse attacks is highly challenging and currently subject to intense research. However, no secure and practical system-level solutions exist so far, since a large number of proposed defenses have been successfully bypassed. To tackle this attack, we present H AFIX (Hardware-Assisted Flow Integrity eXtension), a defense against code-reuse attacks exploiting backward edges (returns). H AFIX provides fine-grained and practical protection, and serves as an enabling technology for future control-flow integrity instantiations. This paper presents the implementati...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software o...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Code reuse techniques can circumvent existing security measures. For example, attacks such as Return...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software o...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented programming (...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Code reuse techniques can circumvent existing security measures. For example, attacks such as Return...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...