Control-flow integrity: Precision, security, and performance
Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …
Code-pointer integrity
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) …
Control flow and code integrity for COTS binaries: An effective defense against real-world ROP attacks
Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …
Enforcing Forward-Edge Control-Flow Integrity in GCC & LLVM
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
Practical context-sensitive CFI
Current Control-Flow Integrity (CFI) implementations track control edges individually,
insensitive to the context of preceding edges. Recent work demonstrates that this leaves …
Modular control-flow integrity
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a
program so that its execution always follows a predetermined Control-Flow Graph (CFG). As …
Per-input control-flow integrity
Control-Flow Integrity (CFI) is an effective approach to mitigating control-flow hijacking
attacks. Conventional CFI techniques statically extract a control-flow graph (CFG) from a …
Principles and implementation techniques of software-based fault isolation
G Tan - Foundations and Trends® in Privacy and Security, 2017 - nowpublishers.com
When protecting a computer system, it is often necessary to isolate an untrusted component
into a separate protection domain and provide only controlled interaction between the …
No need to hide: Protecting safe regions on commodity hardware
As modern 64-bit x86 processors no longer support the segmentation capabilities of their
32-bit predecessors, most research projects assume that strong in-process memory isolation is …
Fine-grained control-flow integrity through binary hardening
Applications written in low-level languages without type or memory safety are prone to
memory corruption. Attackers gain code execution capabilities through memory corruption …