SoK: Shining light on shadow stacks
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs.
Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, i.e., indirect …
Where does it go? refining indirect-call targets with multi-layer type analysis
System software commonly uses indirect calls to realize dynamic program behaviors.
However, indirect calls also bring challenges to constructing a precise control-flow graph …
Debloating software through Piece-Wise compilation and loading
Programs are bloated. Our study shows that only 5% of libc is used on average across the
Ubuntu Desktop environment (2016 programs); the heaviest user, vlc media player, only …
HDFI: Hardware-assisted data-flow isolation
Memory corruption vulnerabilities are the root cause of many modern attacks. Existing
defense mechanisms are inadequate; in general, the software-based approaches are not …
TypeSan: Practical type confusion detection
The low-level C++ programming language is ubiquitously used for its modularity and
performance. Typecasting is a fundamental concept in C++ (and object-oriented …
TChecker: Precise static inter-procedural analysis for detecting taint-style vulnerabilities in PHP applications
PHP applications provide various interfaces for end-users to interact with on the Web. They
thus are prone to taint-style vulnerabilities such as SQL injection and cross-site scripting. For …
Origin-sensitive control flow integrity
CFI is an effective, generic defense against control-flow hijacking attacks, especially for
C/C++ programs. However, most previous CFI systems have poor security as demonstrated …
Finding cracks in shields: On the security of control flow integrity mechanisms
Control-flow integrity (CFI) is a promising technique to mitigate control-flow hijacking attacks.
In the past decade, dozens of CFI mechanisms have been proposed by researchers …
HexType: Efficient detection of type confusion errors for C++
Type confusion, often combined with use-after-free, is the main attack vector to compromise
modern C++ software like browsers or virtual machines. Typecasting is a core principle that …
CFIXX: Object type integrity for C++ virtual dispatch
C++ relies on object type information for dynamic dispatch and casting. The association of
type information to an object is implemented via the virtual table pointer, which is stored in …