Cryptocurrencies like Bitcoin not only provide a decentralized currency, but also provide a
programmatic way to process transactions. Ethereum, the second largest cryptocurrency …

As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …

In this chapter, we describe code-pointer integrity (CPI), a new design point that guarantees
the integrity of all code pointers in a program (eg, function pointers, saved return addresses) …

Data-oriented attacks manipulate non-control data to alter a program's benign behavior
without violating its control-flow integrity. It has been shown that such attacks can cause …

With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking
attacks, and consequently code reuse attacks, are significantly more difficult. CFI limits …

System software commonly uses indirect calls to realize dynamic program behaviors.
However, indirect-calls also bring challenges to constructing a precise control-flow graph …

Memory corruption vulnerabilities are the root cause of many modern attacks. Existing
defense mechanisms are inadequate; in general, the software-based approaches are not …

Patches and related information about software vulnerabilities are often made available to
the public, aiming to facilitate timely fixes. Unfortunately, the slow paces of system updates …

The operation system kernel is the foundation of the whole system and is often the de facto
trusted computing base for many higher level security mechanisms. Unfortunately, kernel …

As control-flow hijacking is getting harder due to increasingly sophisticated CFI solutions,
recent work has instead focused on automatically building data-only attacks, typically using …