Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse attacks, which utilize benign code sequences to realize arbitrary computation. Cur rent approaches can efficiently protect Control-flow transfers caused by indirect jumps and function calls (forward-edge CFI). However, they cannot effectively protect Control-flow caused by the function return (backward-edge CFI). The reason is that the set of return addresses of the functions that are frequently called can be very large, which might bend the backward-edge CFI. We address this backward-edge CFI problem by proposing a novel hardware-assisted mechanism (RAGuard) that binds a message authentication code to each return address and enhances security...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software o...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...
Control-flow integrity (CFI) is considered as a general and promising method to prevent code-reuse a...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Control-flow integrity (CFI) is a general defense against code-reuse exploits that currently constit...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software on...
Constraining dynamic control transfers is a common tech-nique for mitigating software vulnerabilitie...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Code-reuse attacks like return-oriented programming (ROP) pose a severe threat to modern software o...
Abstract—A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is ...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Adversaries exploit memory corruption vulnerabilities to hi-jack a program’s control flow and gain a...