[PDF] ASLR on the Line: Practical Cache Attacks on the MMU.
Address space layout randomization (ASLR) is an important first line of defense against
memory corruption attacks and a building block for many modern countermeasures. Existing …
PAC it up: Towards pointer integrity using ARM pointer authentication
Run-time attacks against programs written in memory-unsafe programming languages (e.g.,
C and C++) remain a prominent threat against computer systems. The prevalence of …
Undermining information hiding (and what to do about it)
E Göktaş, R Gawlik, B Kollenda… - 25th USENIX Security …, 2016 - usenix.org
In the absence of hardware-supported segmentation, many state-of-the-art defenses resort
to “hiding” sensitive information at a random location in a very large address space. This …
[PDF] Enabling client-side crash-resistance to overcome diversification and information hiding.
It is a well-known issue that attack primitives which exploit memory corruption vulnerabilities
can abuse the ability of processes to automatically restart upon termination. For example …
Blankit library debloating: Getting what you want instead of cutting what you don't
Modern software systems make extensive use of libraries derived from C and C++. Because
of the lack of memory safety in these languages, however, the libraries may suffer from …
Fine-cfi: fine-grained control-flow integrity for operating system kernels
J Li, X Tong, F Zhang, J Ma - IEEE Transactions on Information …, 2018 - ieeexplore.ieee.org
The operating system kernel is often the security foundation for the whole system. To prevent
attacks, control-flow integrity (CFI) has been proposed to ensure that any control transfer …
Complete spatial safety for C and C++ using CHERI capabilities
A Richardson - 2020 - cl.cam.ac.uk
Lack of memory safety in commonly used systems-level languages such as C and C++
results in a constant stream of new exploitable software vulnerabilities and exploit …
Decker: Attack surface reduction via on-demand code mapping
Modern code reuse attacks take full advantage of bloated software. Attackers piece together
short sequences of instructions in otherwise benign code to carry out malicious actions …
[BOOK][B] The Continuing Arms Race: Code-Reuse Attacks and Defenses
P Larsen, AR Sadeghi - 2018 - dl.acm.org
As human activities have moved to the digital domain, so have all the well-known malicious
behaviors including fraud, theft, and other trickery. There is no silver bullet, and each …
Probeguard: Mitigating probing attacks through reactive program transformations
Many modern defenses against code reuse rely on hiding sensitive data such as shadow
stacks in a huge memory address space. While much more efficient than traditional integrity …