Control-flow integrity: Precision, security, and performance
Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …
A survey on systems security metrics
Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …
Data-oriented programming: On the expressiveness of non-control data attacks
As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …
Flip feng shui: Hammering a needle in the software stack
We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to
induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on …
Occlum: Secure and efficient multitasking inside a single enclave of Intel SGX
Y Shen, H Tian, Y Chen, K Chen, R Wang… - Proceedings of the …, 2020 - dl.acm.org
Intel Software Guard Extensions (SGX) enables user-level code to create private memory
regions called enclaves, whose code and data are protected by the CPU from software and …
Everything old is new again: Binary security of WebAssembly
WebAssembly is an increasingly popular compilation target designed to run code in
browsers and on other platforms safely and securely, by strictly separating code and data …
Practical context-sensitive CFI
Current Control-Flow Integrity (CFI) implementations track control edges individually,
insensitive to the context of preceding edges. Recent work demonstrates that this leaves …
SoK: Shining light on shadow stacks
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs.
Control-Flow Integrity (CFI) solutions mitigate these attacks on the forward edge, i.e., indirect …
Control jujutsu: On the weaknesses of fine-grained control flow integrity
Control flow integrity (CFI) has been proposed as an approach to defend against control-
hijacking memory corruption attacks. CFI works by assigning tags to indirect branch targets …
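The SoK and Control Jujutsu entries above describe the two halves of CFI: a tag or target-set check on the forward edge (indirect calls and jumps) and a shadow stack on the backward edge (returns). The Data-oriented programming entry describes what survives both. The following is an added example written for this page, not code from any of the listed papers. It hand-writes the checks that a compiler such as Clang's CFI mode would normally emit, on a constructed `struct request` with a function-pointer field, an `is_admin` flag and a modelled saved return address; the `bug_*` functions, the `0xC0DE` return-address stand-in and every other name are assumptions, not from the original.

```c
/* Added example (not from any of the papers listed): a hand-written model of
 * set-based forward-edge CFI plus a shadow stack for the backward edge, and a
 * non-control-data corruption that passes both checks. All names are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef int (*handler_fn)(int);

static int double_it(int x) { return 2 * x; }
static int negate(int x)    { return -x; }
/* Same C type as the handlers, but never a legitimate indirect-call target. */
static int grant_admin(int x) { (void)x; return 1; }

/* Constructed policy: the valid target set ("tag class") for handler call sites.
 * Compiler CFI derives such sets from types or the call graph and emits the
 * check at each indirect call; here the check is written out by hand. */
static const handler_fn handler_targets[] = { double_it, negate };

int cfi_forward_ok(handler_fn target) {
    for (size_t i = 0; i < sizeof handler_targets / sizeof handler_targets[0]; i++)
        if (handler_targets[i] == target) return 1;
    return 0;
}

/* Shadow stack for the backward edge: a second copy of every return address,
 * kept where the bug cannot reach; the two copies must agree on return. */
#define SHADOW_DEPTH 32
static uintptr_t shadow[SHADOW_DEPTH];
static size_t shadow_top;

static void shadow_push(uintptr_t ret) {
    if (shadow_top < SHADOW_DEPTH) shadow[shadow_top++] = ret;
}
static int shadow_pop_ok(uintptr_t ret_in_frame) {
    return shadow_top > 0 && shadow[--shadow_top] == ret_in_frame;
}

struct request {
    char name[16];
    handler_fn handler;   /* control data: covered by the forward-edge check */
    int is_admin;         /* non-control data: outside what CFI checks */
    uintptr_t saved_ret;  /* models the return address saved in this frame */
};

enum cfi_status { CFI_OK = 0, CFI_FORWARD_VIOLATION = 1, CFI_BACKWARD_VIOLATION = 2 };

/* Processes r under CFI. `bug`, if non-NULL, models a memory-corruption bug
 * that fires while the frame is live. Returns the handler's result; the CFI
 * verdict and whether the admin path ran come back through out-parameters. */
int run_request(struct request *r, int arg, void (*bug)(struct request *),
                enum cfi_status *status, int *privileged) {
    const uintptr_t ret = 0xC0DE;   /* constructed stand-in for a real return address */
    int result = 0;
    *status = CFI_OK;
    *privileged = 0;
    r->saved_ret = ret;
    shadow_push(ret);

    if (bug) bug(r);

    if (!cfi_forward_ok(r->handler)) {
        *status = CFI_FORWARD_VIOLATION;        /* hijacked indirect call refused */
    } else {
        result = r->handler(arg);                /* indirect call, now within policy */
        if (r->is_admin) {                       /* data-only decision: CFI is silent here */
            *privileged = 1;
            result = grant_admin(result);        /* direct call, legitimately in the CFG */
        }
    }

    if (!shadow_pop_ok(r->saved_ret)) *status = CFI_BACKWARD_VIOLATION;
    return result;
}

/* Three constructed corruptions an overflow of `name` might produce. */
static void bug_hijack_handler(struct request *r) { r->handler = grant_admin; }
static void bug_flip_flag(struct request *r)      { r->is_admin = 1; }
static void bug_smash_ret(struct request *r)      { r->saved_ret = 0xBAD; }

/* Run one scenario from a fresh request and report the CFI status. */
static int scenario(void (*bug)(struct request *), int *result, int *privileged) {
    struct request r = { "alice", negate, 0, 0 };
    enum cfi_status status;
    *result = run_request(&r, 5, bug, &status, privileged);
    return (int)status;
}
int scenario_status(void (*bug)(struct request *))     { int res, priv; return scenario(bug, &res, &priv); }
int scenario_result(void (*bug)(struct request *))     { int res, priv; scenario(bug, &res, &priv); return res; }
int scenario_privileged(void (*bug)(struct request *)) { int res, priv; scenario(bug, &res, &priv); return priv; }

int main(void) {
    struct { const char *label; void (*bug)(struct request *); } cases[] = {
        { "no bug", NULL }, { "handler hijacked", bug_hijack_handler },
        { "is_admin flipped", bug_flip_flag }, { "return address smashed", bug_smash_ret },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-24s status=%d result=%d privileged=%d\n", cases[i].label,
               scenario_status(cases[i].bug), scenario_result(cases[i].bug),
               scenario_privileged(cases[i].bug));
    return 0;
}
```

The first two corruptions are what CFI is built for: redirecting the handler pointer to `grant_admin` fails the forward-edge set check even though the target has the right C type, and overwriting the saved return address is caught when it disagrees with the shadow copy. The third corruption only flips `is_admin`; every indirect call and return stays within the intended control-flow graph, so both checks pass and the privileged path runs anyway. That gap is the non-control-data attack surface the Data-oriented programming entry refers to, and it is why CFI is a mitigation for control-flow hijacking rather than for memory corruption in general.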
Dedup est machina: Memory deduplication as an advanced exploitation vector
Memory deduplication, a well-known technique to reduce the memory footprint across virtual
machines, is now also a default-on feature inside the Windows 8.1 and Windows 10 …