Smashing the stack protector for fun and profit
B Bierbaumer, J Kirsch, T Kittel, A Francillon… - ICT Systems Security …, 2018 - Springer
Software exploitation has been proven to be a lucrative business for cybercriminals.
Unfortunately, protecting software against attacks is a long-lasting endeavor that is still …
Unfortunately, protecting software against attacks is a long-lasting endeavor that is still …
Combating dependence explosion in forensic analysis using alternative tag propagation semantics
We are witnessing a rapid escalation in targeted cyber-attacks called Advanced and
Persistent Threats (APTs). Carried out by skilled adversaries, these attacks take place over …
Persistent Threats (APTs). Carried out by skilled adversaries, these attacks take place over …
{SHARD}:{Fine-Grained} Kernel Specialization with {Context-Aware} Hardening
With growing hardware complexity and ever-evolving user requirements, the kernel is
increasingly bloated which increases its attack surface. Despite its large size, for specific …
increasingly bloated which increases its attack surface. Despite its large size, for specific …
[PDF][PDF] Verified security for the Morello capability-enhanced prototype Arm architecture
Memory safety bugs continue to be a major source of security vulnerabilities in our critical
infrastructure. The CHERI project has proposed extending conventional architectures with …
infrastructure. The CHERI project has proposed extending conventional architectures with …
Heapcheck: Low-cost hardware support for memory safety
Programs written in C/C++ are vulnerable to memory-safety errors like buffer-overflows and
use-after-free. While several mechanisms to detect such errors have been previously …
use-after-free. While several mechanisms to detect such errors have been previously …
FH-CFI: Fine-grained hardware-assisted control flow integrity for ARM-based IoT devices
Code reuse attacks (CRAs), such as return-oriented programming (ROP) and jump-oriented
programming (JOP) attacks, have become a great threat to the runtime security of ARM …
programming (JOP) attacks, have become a great threat to the runtime security of ARM …
{DELF}: Safeguarding deletion correctness in Online Social Networks
Deletion is a core facet of Online Social Networks (OSNs). For users, deletion is a tool to
remove what they have shared and control their data. For OSNs, robust deletion is both an …
remove what they have shared and control their data. For OSNs, robust deletion is both an …
Reranz: A light-weight virtual machine to mitigate memory disclosure attacks
Recent code reuse attacks are able to circumvent various address space layout
randomization (ASLR) techniques by exploiting memory disclosure vulnerabilities. To …
randomization (ASLR) techniques by exploiting memory disclosure vulnerabilities. To …
A tutorial on moving target defense approaches within automotive cyber-physical systems
Moving Target Defenses (MTD) have become a popular and emerging defense strategy for
the protection of traditional information technology systems. By their very nature, MTD …
the protection of traditional information technology systems. By their very nature, MTD …
CCFI-cache: A transparent and flexible hardware protection for code and control-flow integrity
In this paper we present a hardware based solution to verify simultaneously Code and
Control-Flow Integrity (CCFI), aiming at protecting microcontrollers against both cyber-and …
Control-Flow Integrity (CCFI), aiming at protecting microcontrollers against both cyber-and …