Formal approaches to secure compilation: A survey of fully abstract compilation and related work
Secure compilation is a discipline aimed at developing compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …
Code-pointer integrity
In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (e.g., function pointers, saved return addresses) …
Control flow and code integrity for COTS binaries: An effective defense against real-world ROP attacks
Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …
Enforcing Forward-Edge Control-Flow integrity in GCC & LLVM
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
Practical control flow integrity and randomization for binary executables
Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …
Out of control: Overcoming control-flow integrity
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined
attackers from exploiting our software, interest in Control Flow Integrity (CFI) is growing. In its …
Occlum: Secure and efficient multitasking inside a single enclave of Intel SGX
Y Shen, H Tian, Y Chen, K Chen, R Wang… - Proceedings of the …, 2020 - dl.acm.org
Intel Software Guard Extensions (SGX) enables user-level code to create private memory
regions called enclaves, whose code and data are protected by the CPU from software and …
Stitching the gadgets: On the ineffectiveness of Coarse-Grained Control-Flow integrity protection
Return-oriented programming (ROP) offers a robust attack technique that has, not
surprisingly, been extensively used to exploit bugs in modern software programs (e.g., web …
Modular control-flow integrity
Control-Flow Integrity (CFI) is a software-hardening technique. It inlines checks into a
program so that its execution always follows a predetermined Control-Flow Graph (CFG). As …
Automatic Generation of Data-Oriented Exploits
As defense solutions against control-flow hijacking attacks gain wide deployment, control-
oriented exploits from memory errors become difficult. As an alternative, attacks targeting …