Sticky tags: Efficient and deterministic spatial memory error mitigation using persistent memory tags
Spatial memory errors such as buffer overflows still rank among the top vulnerabilities in
C/C++ programs. Despite much research in the area, the performance overhead of (even …
DangZero: efficient use-after-free detection via direct page table access
Use-after-free vulnerabilities remain difficult to detect and mitigate, making them a popular
source of exploitation. Existing solutions incur impractical performance/memory overhead …
Capacity: Cryptographically-enforced in-process capabilities for modern Arm architectures
In-process compartmentalization and access control have been actively explored to provide
in-place and efficient isolation of in-process security domains. Many works have proposed …
kMVX: Detecting kernel information leaks with multi-variant execution
Kernel information leak vulnerabilities are a major security threat to production systems.
Attackers can exploit them to leak confidential information such as cryptographic keys or …
Uncontained: Uncovering container confusion in the Linux kernel
Type confusion bugs are a common source of security problems whenever software makes
use of type hierarchies, as an inadvertent downcast to an incompatible type is hard to detect …
Typro: Forward CFI for C-style indirect function calls using type propagation
Maliciously-overwritten function pointers in C programs often lead to arbitrary code
execution. In principle, forward CFI schemes mitigate this problem by restricting indirect …
Mitigating information leakage vulnerabilities with type-based data isolation
Information leakage vulnerabilities (or simply info leaks) such as out-of-bounds/uninitialized
reads in the architectural or speculative domain pose a significant security threat, allowing …
Top of the heap: Efficient memory error protection of safe heap objects
Heap memory errors remain a major source of software vulnerabilities. Existing memory
safety defenses aim at protecting all objects, resulting in high performance cost and …
Automated use-after-free detection and exploit mitigation: How far have we gone?
C/C++ programs frequently encounter memory errors, such as Use-After-Free (UAF), buffer
overflow, and integer overflow. Among these memory errors, UAF vulnerabilities are …
xTag: Mitigating use-after-free vulnerabilities via software-based pointer tagging on Intel X86-64
Memory safety in complex applications implemented in unsafe programming languages
such as C/C++ is still an unresolved problem in practice. Such applications were often …