Control-flow integrity: Precision, security, and performance
Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …
Security vulnerabilities, attacks, countermeasures, and regulations of networked medical devices—A review
Over the last few years, healthcare administrations have been digitizing their provision of
care that led to an increased number of networked medical devices and medical telemetry …
care that led to an increased number of networked medical devices and medical telemetry …
{Control-Flow} bending: On the effectiveness of {Control-Flow} integrity
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …
C-FLAT: control-flow attestation for embedded systems software
Remote attestation is a crucial security service particularly relevant to increasingly popular
IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a …
IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a …
Control flow and code integrity for COTS binaries: An effective defense against real-world ROP attacks
Despite decades of sustained effort, memory corruption attacks continue to be one of the
most serious security threats faced today. They are highly sought after by attackers, as they …
most serious security threats faced today. They are highly sought after by attackers, as they …
Enforcing {Forward-Edge}{Control-Flow} integrity in {GCC} & {LLVM}
C Tice, T Roeder, P Collingbourne… - 23rd USENIX security …, 2014 - usenix.org
Constraining dynamic control transfers is a common technique for mitigating software
vulnerabilities. This defense has been widely and successfully used to protect return …
vulnerabilities. This defense has been widely and successfully used to protect return …
Practical control flow integrity and randomization for binary executables
Control Flow Integrity (CFI) provides a strong protection against modern control-flow
hijacking attacks. However, performance and compatibility issues limit its adoption. We …
hijacking attacks. However, performance and compatibility issues limit its adoption. We …
Out of control: Overcoming control-flow integrity
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined
attackers from exploiting our software, interest in Control Flow Integrity (CFI) is growing. In its …
attackers from exploiting our software, interest in Control Flow Integrity (CFI) is growing. In its …
Riskranker: scalable and accurate zero-day android malware detection
Smartphone sales have recently experienced explosive growth. Their popularity also
encourages malware authors to penetrate various mobile marketplaces with malicious …
encourages malware authors to penetrate various mobile marketplaces with malicious …
Stitching the gadgets: On the ineffectiveness of {Coarse-Grained}{Control-Flow} integrity protection
Return-oriented programming (ROP) offers a robust attack technique that has, not
surprisingly, been extensively used to exploit bugs in modern software programs (eg, web …
surprisingly, been extensively used to exploit bugs in modern software programs (eg, web …