Value-Based Constraint Control Flow Integrity
نویسندگان
چکیده
منابع مشابه
A Control Flow Integrity Based Trust Model
The notion of trust has traditionally been utilized at transaction level in order to bypass expensive security checks. In this paper, we extend the trust model to individual programs. Moreover, we develop a self assessment/monitoring framework for trust based on control flow integrity that can be incorporated into a compiler. We also extend the concept of Schneider’s enforceable security policy...
متن کاملOpaque Control-Flow Integrity
A new binary software randomization and ControlFlow Integrity (CFI) enforcement system is presented, which is the first to efficiently resist code-reuse attacks launched by informed adversaries who possess full knowledge of the inmemory code layout of victim programs. The defense mitigates a recent wave of implementation disclosure attacks, by which adversaries can exfiltrate in-memory code det...
متن کاملKnowledge-based Integrity Constraint Validation
One of the important means of specifying the semantics about data is via integrity constraints. Experience has shown that the conventional database approach to integrity constraint enforcement is not successful. In this paper, we demonstrate the feasibility and power of a knowledge-based approach to the efficiency problem of constraint validation. We propose a transformational mechanism which e...
متن کاملLockdown: Dynamic Control-Flow Integrity
Applications written in low-level languages without type or memory safety are especially prone to memory corruption. Attackers gain code execution capabilities through such applications despite all currently deployed defenses by exploiting memory corruption vulnerabilities. Control-Flow Integrity (CFI) is a promising defense mechanism that restricts open control-flow transfers to a static set o...
متن کاملCryptographically Enforced Control Flow Integrity
Recent Pwn2Own competitions have demonstrated the continued effectiveness of control hijacking attacks despite deployed countermeasures including stack canaries and ASLR. A powerful defense called Control flow Integrity (CFI) offers a principled approach to preventing such attacks. However, prior CFI implementations use static analysis and must limit protection to remain practical. These limita...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Access
سال: 2020
ISSN: 2169-3536
DOI: 10.1109/access.2020.2980026