Control-flow integrity: Precision, security, and performance
Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …
Code-pointer integrity
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) …
Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications
F Schuster, T Tendyck, C Liebchen… - … IEEE Symposium on …, 2015 - ieeexplore.ieee.org
Code reuse attacks such as return-oriented programming (ROP) have become prevalent
techniques to exploit memory corruption vulnerabilities in software programs. A variety of …
Jump over ASLR: Attacking branch predictors to bypass ASLR
D Evtyushkin, D Ponomarev… - 2016 49th Annual …, 2016 - ieeexplore.ieee.org
Address Space Layout Randomization (ASLR) is a widely-used technique that protects
systems against a range of attacks. ASLR works by randomizing the offset of key program …
Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
Stitching the gadgets: On the ineffectiveness of Coarse-Grained Control-Flow Integrity protection
Return-oriented programming (ROP) offers a robust attack technique that has, not
surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web …
Readactor: Practical code randomization resilient to memory disclosure
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to
modern software. Designing practical and effective defenses against code-reuse attacks is …
A tough call: Mitigating advanced code-reuse attacks at the binary level
Current binary-level Control-Flow Integrity (CFI) techniques are weak in determining the set
of valid targets for indirect control flow transfers on the forward edge. In particular, the lack of …
Opaque Control-Flow Integrity
A new binary software randomization and Control-Flow Integrity (CFI) enforcement system is
presented, which is the first to efficiently resist code-reuse attacks launched by informed …
Where does it go? Refining indirect-call targets with multi-layer type analysis
System software commonly uses indirect calls to realize dynamic program behaviors.
However, indirect calls also bring challenges to constructing a precise control-flow graph …