Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constitute a severe threat against diverse computing platforms. Existing CFI solutions (both in software and hardware) suffer from shortcomings such as (i) inefficiency, (ii) security weaknesses, or (iii) are not scalable. In this paper, we present a generic hardware-enhanced CFI scheme that tackles these problems and allows to enforce diverse CFI policies. Our approach fully supports multi-tasking, shared libraries, prevents various forms of code-reuse attacks, and allows CFI protected code and legacy code to co-exist. We evaluate our implementation on SPARC LEON3 and demonstrate its high efficiency
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, ...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
CFI is a computer security technique that detects runtime attacks by monitoring a program's branchin...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, ...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
CFI is a computer security technique that detects runtime attacks by monitoring a program's branchin...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Abstract. Applications written in low-level languages without type or memory safety are prone to mem...
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a program so ...
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, ...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...