A survey on malware analysis and mitigation techniques
In recent days, malwares are advanced, sophisticatedly engineered to attack the target. Most
of such advanced malwares are highly persistent and capable of escaping from the security …
Sok: Runtime integrity
This paper provides a systematic exploration of Control Flow Integrity (CFI) and Control Flow
Attestation (CFA) mechanisms, examining their differences and relationships. It addresses …
An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries
It is well-known that static disassembly is an unsolved problem, but how much of a problem
is it in real software—for instance, for binary protection schemes? This work studies the …
Neural nets can learn function type signatures from binaries
Function type signatures are important for binary analysis, but they are not available in
COTS binaries. In this paper, we present a new system called EKLAVYA which trains a …
Where does it go? refining indirect-call targets with multi-layer type analysis
System software commonly uses indirect calls to realize dynamic program behaviors.
However, indirect-calls also bring challenges to constructing a precise control-flow graph …
Enforcing unique code target property for control-flow integrity
The goal of control-flow integrity (CFI) is to stop control-hijacking attacks by ensuring that
each indirect control-flow transfer (ICT) jumps to its legitimate target. However, existing …
Sok: All you ever wanted to know about x86/x64 binary disassembly but were afraid to ask
Disassembly of binary code is hard, but necessary for improving the security of binary
software. Over the past few decades, research in binary disassembly has produced many …
No need to hide: Protecting safe regions on commodity hardware
As modern 64-bit x86 processors no longer support the segmentation capabilities of their 32-
bit predecessors, most research projects assume that strong in-process memory isolation is …
Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics.
Static binary rewriting is a core technology for many systems and security applications,
including profiling, optimization, and software fault isolation. While many static binary …
StateFormer: fine-grained type recovery from binaries using generative state modeling
Binary type inference is a critical reverse engineering task supporting many security
applications, including vulnerability analysis, binary hardening, forensics, and …