Part 6: Software SecurityInternational audienceRecently, code-reuse attack (CRA) is becoming the most prevalent attack vector which reuses fragments of existing code to make up malicious code. Recent studies show that CRAs especially jump-oriented programming (JOP) attacks are hard and costly to detect and protect from, especially on CISC processors. One reason for this is that the instructions of CISC architecture are of variable-length, and lots of unintended but legal instructions can be exploited by starting from in the middle of a legal instruction. This feature of CISC architectures makes the finding of so called gadgets for CRAs is much easier than that of RISC architectures. Most of previous studies for mitigating CRA on CISC proces...
Embedded system applications in diverse sectors such as transportation, healthcare, homeautomation, ...
International audienceFault attacks can target smart card programs to disrupt an execution and take ...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Abstract—Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs constr...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
When exploiting software vulnerabilities such as buffer overflows, code reuse techniques are often u...
Recently, there is a growing interest in the research community to employ tamper-resistant processor...
As computer software grow larger in size and complexity, there is an ever increasing concern over se...
Part 3: Attacks to Software and Network SystemsInternational audienceWe present a generic framework ...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Embedded system applications in diverse sectors such as transportation, healthcare, homeautomation, ...
International audienceFault attacks can target smart card programs to disrupt an execution and take ...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
Embedded systems are being adopted in applications requiring mixed levels of criticality and securit...
Abstract—Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs constr...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
Code-reuse attacks are software exploits in which an attacker directs control flow through existing ...
When exploiting software vulnerabilities such as buffer overflows, code reuse techniques are often u...
Recently, there is a growing interest in the research community to employ tamper-resistant processor...
As computer software grow larger in size and complexity, there is an ever increasing concern over se...
Part 3: Attacks to Software and Network SystemsInternational audienceWe present a generic framework ...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
Embedded system applications in diverse sectors such as transportation, healthcare, homeautomation, ...
International audienceFault attacks can target smart card programs to disrupt an execution and take ...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...