Software running on an open architecture, such as the PC, is vulnerable to inspection and modification. Since software may process valuable or sensitive information, many defenses against data analysis and modification have been proposed. This paper complements existing work and focuses on hiding data location throughout program execution. To achieve this, we combine three techniques: (i) periodic reordering of the heap, (ii) migrating local variables from the stack to the heap and (iii) pointer scrambling. By essentialy flattening the dataflow graph of the program, the techniques serve to complicate static dataflow analysis and dynamic data tracking. Our methodology can be viewed as a data-oriented analogue of control-flow flattening techniq...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract. Protecting a software from unauthorized access is an ever de-manding task. Thus, in this p...
Software running on an open architecture, such as the PC, is vulnerable to inspection and modificatio...
Abstract—Software running on an open architecture, such as the PC, is vulnerable to inspection and m...
Data-oriented exploits are growing in popularity as defenders are closing attack vectorsrelated to c...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
sbhatkar,dand,sekar¡ Attacks which exploit memory programming errors (such as buffer overflows) are ...
This thesis examines code obfuscation techniques to protect software against analysis and unwanted m...
With more applications being deployed on embedded platforms, software protection becomes increasingl...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Software vulnerabilities widely exist among various software from operating system kernel to web bro...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract. Protecting a software from unauthorized access is an ever de-manding task. Thus, in this p...
Software running on an open architecture, such as the PC, is vulnerable to inspection and modificatio...
Abstract—Software running on an open architecture, such as the PC, is vulnerable to inspection and m...
Data-oriented exploits are growing in popularity as defenders are closing attack vectorsrelated to c...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
sbhatkar,dand,sekar¡ Attacks which exploit memory programming errors (such as buffer overflows) are ...
This thesis examines code obfuscation techniques to protect software against analysis and unwanted m...
With more applications being deployed on embedded platforms, software protection becomes increasingl...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Software vulnerabilities widely exist among various software from operating system kernel to web bro...
This report addresses de-obfuscation on programs. The targeted obfuscation scheme is the control flo...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract. Protecting a software from unauthorized access is an ever de-manding task. Thus, in this p...