Diversification and obfuscation techniques for software security: A systematic literature review
Context: Diversification and obfuscation are promising techniques for securing software and
protecting computers from harmful malware. The goal of these techniques is not removing …
From hack to elaborate technique—a survey on binary rewriting
Binary rewriting is changing the semantics of a program without having the source code at
hand. It is used for diverse purposes, such as emulation (e.g., QEMU), optimization (e.g. …
Software grand exposure: SGX cache attacks are practical
Intel SGX isolates the memory of security-critical applications from the untrusted OS.
However, it has been speculated that SGX may be vulnerable to side-channel attacks …
The cybersecurity landscape in industrial control systems
Industrial control systems (ICSs) are transitioning from legacy-electromechanical-based
systems to modern information and communication technology (ICT)-based systems …
SoK: Eternal war in memory
Memory corruption bugs in software written in low-level languages like C or C++ are one of
the oldest problems in computer security. The lack of safety in these languages allows …
Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications
Code reuse attacks such as return-oriented programming (ROP) have become prevalent
techniques to exploit memory corruption vulnerabilities in software programs. A variety of …
Jump over ASLR: Attacking branch predictors to bypass ASLR
Address Space Layout Randomization (ASLR) is a widely-used technique that protects
systems against a range of attacks. ASLR works by randomizing the offset of key program …
Control flow and code integrity for COTS binaries: An effective defense against real-world ROP attacks
Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …
Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization
Fine-grained address space layout randomization (ASLR) has recently been proposed as a
method of efficiently mitigating runtime attacks. In this paper, we introduce the design and …
Practical control flow integrity and randomization for binary executables
Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …