Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Current best practices dictate compiling programs with exploit mitigations such as stack canaries, address space layout randomization, and control-flow integrity. However, adversaries quickly find ways to circumvent such mitigations, sometimes even before these mitigations are widely deployed. In this paper, we focus on an "orthogonal" defense that amplifies the effectiveness of traditional exploit mitigations. The key idea is to create multiple diversified replicas of a vulnerable program and then execute these replicas in lockstep on identical inputs while simultaneously monitoring their behavior. A malicious input that causes the diversified rep...
We propose a new approach for reacting to a wide variety of software failures, ranging from remotely...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
In this thesis we explore methods for exploiting concurrency to improve the security and performance...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Memory error exploits rank among the most serious security threats. Of the plethora of memory error ...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
We propose a new approach for reacting to a wide variety of software failures, ranging from remotely...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
The complexity of computer programs has been increasing for multiple decades. As a result, the numbe...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
In this thesis we explore methods for exploiting concurrency to improve the security and performance...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Memory error exploits rank among the most serious security threats. Of the plethora of memory error ...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Obtaining secure systems software is notoriously hard. One reason is the continuing use of unsafe la...
Programs written in C and C++ are susceptible to a number of memory errors, including buffer overflo...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
We propose a new approach for reacting to a wide variety of software failures, ranging from remotely...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Un...