Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …

Software security defenses are routinely broken by the persistence of both security
researchers and attackers. Hardware solutions based on tagging are emerging as a …

Industrial control systems (ICSs) are transitioning from legacy-electromechanical-based
systems to modern information and communication technology (ICT)-based systems …

Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Code reuse attacks such as return-oriented programming (ROP) have become prevalent
techniques to exploit memory corruption vulnerabilities in software programs. A variety of …

Return Oriented Programming (ROP) has become the exploitation technique of choice for
modern memory-safety vulnerability attacks. Recently, there have been multiple attempts at …

Return-oriented programming (ROP) offers a robust attack technique that has, not
surprisingly, been extensively used to exploit bugs in modern software programs (eg, web …

Current Control-Flow Integrity (CFI) implementations track control edges individually,
insensitive to the context of preceding edges. Recent work demonstrates that this leaves …

TrustZone-based Real-time Kernel Protection (TZ-RKP) is a novel system that provides real-
time protection of the OS kernel using the ARM TrustZone secure world. TZ-RKP is more …