survey

Public Access

Control-Flow Integrity: Precision, Security, and Performance

Authors:

Stefan Brunthaler,

Mathias PayerAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 50, Issue 1

Article No.: 16, Pages 1 - 33

https://doi.org/10.1145/3054924

Published: 04 April 2017 Publication History

Abstract

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today’s systems. Control-flow hijacking attacks exploit memory corruption vulnerabilities to divert program execution away from the intended control flow. Researchers have spent more than a decade studying and refining defenses based on Control-Flow Integrity (CFI); this technique is now integrated into several production compilers. However, so far, no study has systematically compared the various proposed CFI mechanisms nor is there any protocol on how to compare such mechanisms. We compare a broad range of CFI mechanisms using a unified nomenclature based on (i) a qualitative discussion of the conceptual security guarantees, (ii) a quantitative security evaluation, and (iii) an empirical evaluation of their performance in the same test environment. For each mechanism, we evaluate (i) protected types of control-flow transfers and (ii) precision of the protection for forward and backward edges. For open-source, compiler-based implementations, we also evaluate (iii) generated equivalence classes and target sets and (iv) runtime performance.

References

[1]

Martin Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005a. Control-flow integrity: Principles, implementations, and applications. In ACM Conference on Computer and Communications Security (CCS’05).

Digital Library

[2]

Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005b. A theory of secure control flow. In Proceedings of the 7th International Conference on Formal Methods and Software Engineering (ICFEM’05).

Digital Library

[3]

Orlando Arias, Lucas Davi, Matthias Hanreich, Yier Jin, Patrick Koeberl, Debayan Paul, Ahmad-Reza Sadeghi, and Dean Sullivan. 2015. HAFIX: Hardware-assisted flow integrity extension. In Annual Design Automation Conference (DAC’15).

[4]

John Aycock. 2003. A brief history of just-in-time. Computing Surveys 35, 2, 97--113.

Digital Library

[5]

David F. Bacon and Peter F. Sweeney. 1996. Fast static analysis of C++ virtual function calls. ACM SIGPLAN Notices 31, 10, 324--341.

Digital Library

[6]

James R. Bell. 1973. Threaded code. Communications of the ACM 16, 6, 370--372.

Digital Library

[7]

Tyler Bletsch, Xuxian Jiang, and Vince Freeh. 2011. Mitigating code-reuse attacks with control-flow locking. In Annual Computer Security Applications Conference (ACSAC’11). New York, NY.

Digital Library

[8]

Dimitar Bounov, Rami Kici, and Sorin Lerner. 2016. Protecting C++ dynamic dispatch through vtable interleaving. In Symposium on Network and Distributed System Security (NDSS’16).

[9]

Nicholas Carlini, Antonio Barresi, Mathias Payer, David Wagner, and Thomas R. Gross. 2015. Control-flow bending: On the effectiveness of control-flow integrity. In 24th USENIX Security Symposium, USENIX Security 15. Washington, D.C., August 12-14, 2015.

[10]

Nicholas Carlini and David Wagner. 2014. ROP is still dangerous: Breaking modern defenses. In USENIX Security Symposium.

[11]

Stephen Checkoway, Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Hovav Shacham, and Marcel Winandy. 2010. Return-oriented programming without returns. In ACM Conference on Computer and Communications Security (CCS).

Digital Library

[12]

Yueqiang Cheng, Zongwei Zhou, Yu Miao, Xuhua Ding, and Robert Huijie Deng. 2014. ROPecker: A generic and practical approach for defending against ROP attacks. In Symposium on Network and Distributed System Security (NDSS’14).

[13]

Nick Christoulakis, George Christou, Elias Athanasopoulos, and Sotiris Ioannidis. 2016. HCFI: Hardware-enforced control-flow integrity. In CODASPY’16.

Digital Library

[14]

Peter Collingbourne. 2015. LLVM—Control Flow Integrity. (2015). Retrieved March 1, 2017 from http://clang.llvm.org/docs/ControlFlowIntegrity.html.

[15]

Mauro Conti, Stephen Crane, Lucas Davi, Michael Franz, Per Larsen, Christopher Liebchen, Marco Negro, Mohaned Qunaibit, and Ahmad-Reza Sadeghi. 2015. Losing control: On the effectiveness of control-flow integrity under stack attacks. In ACM Conference on Computer and Communications Security (CCS’15).

Digital Library

[16]

John Criswell, Nathan Dautenhahn, and Vikram Adve. 2014a. KCoFI: Complete control-flow integrity for commodity operating system kernels. In 2014 IEEE Symposium on Security and Privacy.

Digital Library

[17]

John Criswell, Nathan Dautenhahn, and Vikram Adve. 2014b. KCoFI: Complete control-flow integrity for commodity operating system kernels. In IEEE Symposium on Security and Privacy (S8P).

Digital Library

[18]

Thurston H. Y. Dang, Petros Maniatis, and David Wagner. 2015. The performance cost of shadow stacks and stack canaries. In ACM Symposium on Information, Computer and Communications Security (ASIACCS’15).

Digital Library

[19]

Lucas Davi, Alexandra Dmitrienko, Manuel Egele, Thomas Fischer, Thorsten Holz, Ralf Hund, Stefan Nürnberger, and Ahmad-Reza Sadeghi. 2012. MoCFI: A framework to mitigate control-flow attacks on smartphones. In Symposium on Network and Distributed System Security (NDSS’12).

[20]

Lucas Davi, Patrick Koeberl, and Ahmad-Reza Sadeghi. 2014a. Hardware-assisted fine-grained control-flow integrity: Towards efficient protection of embedded systems against software exploitation. In Annual Design Automation Conference (DAC’14).

Digital Library

[21]

Lucas Davi, Daniel Lehmann, Ahmad-Reza Sadeghi, and Fabian Monrose. 2014b. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In USENIX Security Symposium.

[22]

Jeffrey Dean, David Grove, and Craig Chambers. 1995. Optimization of object-oriented programs using static class hierarchy analysis. In European Conference on Object-Oriented Programming (ECOOP’95).

[23]

Eddy H. Debaere and Jan M. van Campenhout. 1990. Interpretation and Instruction Path Coprocessing. MIT Press, Cambridge, MA.

[24]

Isaac Evans, Samuel Fingeret, Julian Gonzalez, Ulziibayar Otgonbaatar, Tiffany Tang, Howard Shrobe, Stelios Sidiroglou-Douskos, Martin Rinard, and Hamed Okhravi. 2015a. Missing the point: On the effectiveness of code pointer integrity. In IEEE Symposium on Security and Privacy (S8P’15).

Digital Library

[25]

Isaac Evans, Fan Long, Ulziibayar Otgonbaatar, Howard Shrobe, Martin Rinard, Hamed Okhravi, and Stelios Sidiroglou-Douskos. 2015b. Control jujutsu: On the weaknesses of fine-grained control flow integrity. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security.

Digital Library

[26]

Francisco Falcon. 2015. Exploiting Adobe Flash Player in the era of Control Flow Guard. BlackHat EU’15. Retrieved March 1, 2017 from https://www.blackhat.com/docs/eu-15/materials/eu-15-Falcon-Exploiting-Adobe-Flash-Player-In-The-Era-Of-Control-Flow-Guard.pdf.

[27]

Ivan Fratric. 2012. ROPGuard: Runtime Prevention of Return-Oriented Programming Attacks. Retrieved March 1, 2017 from http://www.ieee.hr/_download/repository/Ivan_Fratric.pdf. (2012).

[28]

Xinyang Ge, Nirupama Talele, Mathias Payer, and Trent Jaeger. 2016. Fine-grained control-flow integrity for kernel software. In IEEE European Symposium on Security and Privacy.

[29]

Enes Göktas, Elias Athanasopoulos, Herbert Bos, and Georgios Portokalidis. 2014. Out of control: Overcoming control-flow integrity. In IEEE Symposium on Security and Privacy (S8P’14).

Digital Library

[30]

David Grove and Craig Chambers. 2001. A framework for call graph construction algorithms. ACM Transactions on Programming Languages and Systems 23, 6, 685--746.

Digital Library

[31]

Brian Hackett and Alex Aiken. 2006. How is aliasing used in systems software? Proceedings of the 14th ACM SIGSOFT International Symposium on Foundations of Software Engineering. 69--80.

Digital Library

[32]

Ben Hardekopf and Calvin Lin. 2007. The ant and the grasshopper. In Proceedings of the 2007 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’07), Vol. 42. ACM Press, New York, NY, 290.

Digital Library

[33]

Ben Hardekopf and Calvin Lin. 2011. Flow-sensitive pointer analysis for millions of lines of code. In International Symposium on Code Generation and Optimization (CGO’11). IEEE, 289--298.

[34]

Michael Hind. 2001. Pointer analysis. In Proceedings of the 2001 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’01). ACM Press, New York, NY, 54--61.

Digital Library

[35]

Michael Hind and Anthony Pioli. 2000. Which pointer analysis should I use? ACM SIGSOFT Software Engineering Notes 25, 5, 113--123.

Digital Library

[36]

Urs Hölzle and David Ungar. 1994. Optimizing dynamically-dispatched calls with run-time type feedback. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’94).

Digital Library

[37]

Intel Inc. 2013. Intel 64 and IA-32 Architectures. Software Developer’s Manual.

[38]

Dongseok Jang, Zachary Tatlock, and Sorin Lerner. 2014. SAFEDISPATCH: Securing C++ virtual calls from memory corruption attacks. In Symposium on Network and Distributed System Security (NDSS’14).

[39]

Vladimir Kiriansky. 2013. Secure Execution Environment via Program Shepherding. Master’s thesis. Massachusetts Institute of Technology, Cambridge, MA.

[40]

Vladimir Kiriansky, Derek Bruening, and Saman Amarasinghe. 2002. Secure execution via program shepherding. In USENIX Security Symposium.

Digital Library

[41]

Peter M. Kogge. 1982. An architectural trail to threaded-code systems. Computer 15, 3, 22--32.

Digital Library

[42]

Per Larsen, Andrei Homescu, Stefan Brunthaler, and Michael Franz. 2014. SoK: Automated software diversity. In IEEE Symposium on Security and Privacy (S8P’14).

Digital Library

[43]

O. Lhoták and Laurie Hendren. 2006. Context-sensitive points-to analysis: Is it worth it? Compiler Construction 47--64.

[44]

Ali José Mashtizadeh, Andrea Bittau, Dan Boneh, and David Mazières. 2015. CCFI: Cryptographically enforced control flow integrity. In ACM Conference on Computer and Communications Security (CCS’15).

Digital Library

[45]

Bill McCarty. 2004. SELinux: NSA’s Open Source Security Enhanced Linux. O’Reilly Media, Inc., Sebastopol, CA.

[46]

Microsoft. 2006. Data Execution Prevention (DEP). Retrieved March 1, 2017 from http://support.microsoft.com/kb/875352/EN-US/.

[47]

Microsoft. 2015a. Visual Studio 2015—Compiler Options—Enable Control Flow Guard. Retrieved March 1, 2017 from https://msdn.microsoft.com/en-us/library/dn919635.aspx.

[48]

Microsoft. 2015b. SetProcessValidCallTargets function. Retrieved March 1, 2017 from https://msdn.microsoft.com/en-us/enus/library/windows/desktop/dn934202(v=vs.85).aspx. (2015).

[49]

Ana Milanova, Atanas Rountev, and Barbara G. Ryder. 2002. Parameterized object sensitivity for points-to and side-effect analyses for java. ACM SIGSOFT Software Engineering Notes 27, 4 (2002), 1.

Digital Library

[50]

Markus Mock, Manuvir Das, Craig Chambers, and Susan J. Eggers. 2001. Dynamic points-to sets. In ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’01).

Digital Library

[51]

Vishwath Mohan, Per Larsen, Stefan Brunthaler, Kevin Hamlen, and Michael Franz. 2015. Opaque control-flow integrity. In Symposium on Network and Distributed System Security (NDSS’15).

[52]

Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. 2009. SoftBound: Highly compatible and complete spatial memory safety for C. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’09).

Digital Library

[53]

Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. 2010. CETS: Compiler enforced temporal safety for C. In ISMM’10.

Digital Library

[54]

Flemming Nielson, Hanne Riis Nielson, and Chris Hankin. 1999. Principles of Program Analysis. Springer, Berlin.

[55]

Flemming Nielson, Hanne R. Nielson, and Chris Hankin. 2009. Principles of Program Analysis. Springer, New York, NY.

[56]

Ben Niu and Gang Tan. 2014a. Modular control-flow integrity. In ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’14).

Digital Library

[57]

Ben Niu and Gang Tan. 2014b. RockJIT: Securing just-in-time compilation using modular control-flow integrity. In ACM Conference on Computer and Communications Security (CCS’14).

Digital Library

[58]

Ben Niu and Gang Tan. 2015a. MCFI readme. Retrieved March 1, 2017 from https://github.com/mcfi/MCFI/blob/master/README.md.

[59]

Ben Niu and Gang Tan. 2015b. Per-input control-flow integrity. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. Denver, CO, October 12--6, 2015.

Digital Library

[60]

Vasilis Pappas, Michalis Polychronakis, and Angelos D. Keromytis. 2013. Transparent ROP exploit mitigation using indirect branch tracing. In USENIX Security Symposium.

[61]

Baiju Patel. 2016. Intel releases new technology specifications to protect against ROP attacks. Retrieved March 1, 2017 from http://blogs.intel.com/evangelists/2016/06/09/intel-release-new-technology-specifications-protect-rop-attacks/.

[62]

PaX-Team. 2003a. PaX ASLR (Address Space Layout Randomization). Retrieved March 1, 2017 from http://pax.grsecurity.net/docs/aslr.txt.

[63]

PaX-Team. 2003b. PaX Future. Retrieved March 1, 2017 from https://pax.grsecurity.net/docs/pax-future.txt.

[64]

Mathias Payer, Antonio Barresi, and Thomas R. Gross. 2015. Fine-grained control-flow integrity through binary hardening. In Proceedings of the 12th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA’15). Milan, Italy, July 9--10, 2015.

Digital Library

[65]

Jannik Pewny and Thorsten Holz. 2013. Control-flow restrictor: Compiler-based CFI for iOS. In Annual Computer Security Applications Conference (ACSAC’13).

Digital Library

[66]

Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage. 2012. Return-oriented programming: Systems, languages, and applications. ACM Transactions on Information System Security 15.

Digital Library

[67]

Erven Rohou, Bharath Narasimha Swamy, and André Seznec. 2015. Branch prediction and the performance of interpreters: Don’t trust folklore. In IEEE/ACM International Symposium on Code Generation and Optimization (CGO’15).

[68]

Atanas Rountev, Scott Kagan, and Michael Gibas. 2004. Evaluating the imprecision of static analysis. In Proceedings of the ACM-SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering (PASTE’04). ACM Press, New York, NY, 14.

Digital Library

[69]

Andrei Sabelfeld and A. C. Myers. 2003. Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21, 1, 5--19.

Digital Library

[70]

Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi, and Thorsten Holz. 2015. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications. In IEEE Symposium on Security and Privacy (S8P’15).

Digital Library

[71]

Hovav Shacham. 2007. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In CCS’07.

[72]

Micha Sharir and Amir Pnueli. 1981. Two approaches to interprocedural data flow analysis. In Program Flow Analysis, Steven S. Muchnick and Neil D. Jones (Eds.). Prentice Hall, Upper Saddle River, NJ.

[73]

Yannis Smaragdakis and George Balatsouras. 2015. Pointer analysis. Foundations and Trends in Programming Languages 2, 1, 1--69.

Digital Library

[74]

Yannis Smaragdakis, Martin Bravenboer, and Ondrej Lhoták. 2011. Pick your contexts well. ACM SIGPLAN Notices 46, 1, 17.

Digital Library

[75]

Dean Sullivan, Orlando Arias, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, and Yier Jin. 2016. Strategy without tactics: Policy-agnostic hardware-enhanced control-flow integrity. In Annual Design Automation Conference (DAC’16).

Digital Library

[76]

Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. SoK: Eternal war in memory. In IEEE Symposium on Security and Privacy (S8P’13).

Digital Library

[77]

Caroline Tice, Tom Roeder, Peter Collingbourne, Stephen Checkoway, Úlfar Erlingsson, Luis Lozano, and Geoff Pike. 2014. Enforcing forward-edge control-flow integrity in GCC 8 LLVM. In USENIX Security Symposium.

[78]

Frank Tip and Jens Palsberg. 2000. Scalable propagation-based call graph construction algorithms. ACM SIGPLAN Notices 35, 10, 281--293.

Digital Library

[79]

Arjan van de Ven and Ingo Molnar. 2004. Exec Shield. Retrieved March 1, 2017 from https://www.redhat.com/f/pdf/rhel/WHP0006US_Execshield.pdf. (2004).

[80]

Victor van der Veen, Dennis Andriesse, Enes Göktaş, Ben Gras, Lionel Sambuc, Asia Slowinska, Herbert Bos, and Cristiano Giuffrida. 2015. PathArmor: Practical ROP protection using context-sensitive CFI. In ACM Conference on Computer and Communications Security (CCS’15).

[81]

Zhi Wang and Xuxian Jiang. 2010. HyperSafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In IEEE S8P’10.

Digital Library

[82]

David Weston and Matt Miller. 2016. Windows 10 Mitigation Improvements. BlackHat’16. Retrieved March 1, 2017 from https://www.blackhat.com/docs/us-16/materials/us-16-Weston-Windows-10-Mitigation-Improvements.pdf.

[83]

Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. 2012. CFIMon: Detecting violation of control flow integrity using performance counters. In IEEE/IFIP Conference on Dependable Systems and Networks (DSN’12).

[84]

Pinghai Yuan, Qingkai Zeng, and Xuhua Ding. 2015. Hardware-assisted fine-grained code-reuse attack detection. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID’15).

Digital Library

[85]

Chao Zhang, Chengyu Song, Kevin Zhijie Chen, Zhaofeng Chen, and Dawn Song. 2015. VTint: Defending virtual function tables’ integrity. In Symposium on Network and Distributed System Security (NDSS’15).

[86]

Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou. 2013. Practical control flow integrity 8 randomization for binary executables. In IEEE Symposium on Security and Privacy (S8P’13).

[87]

Mingwei Zhang and R. Sekar. 2013. Control flow integrity for COTS binaries. In USENIX Security Symposium.

Cited By

Li WWang WLi S(2024)CFIEE: An Open-Source Critical Metadata Extraction Tool for RISC-V Hardware-Based CFI SchemesElectronics10.3390/electronics1309168113:9(1681)Online publication date: 26-Apr-2024
https://doi.org/10.3390/electronics13091681
Kasten FZieris PHorsch J(2024)Integrating Static Analyses for High-Precision Control-Flow IntegrityProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678920(419-434)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678920
Peng AFang DGuan LKouwe ELi YWang WSun LZhang Y(2024)Bitmap-Based Security Monitoring for Deeply Embedded SystemsACM Transactions on Software Engineering and Methodology10.1145/367246033:7(1-31)Online publication date: 18-Jun-2024
https://dl.acm.org/doi/10.1145/3672460
Show More Cited By

Index Terms

Control-Flow Integrity: Precision, Security, and Performance
1. General and reference
  1. Document types
    1. Surveys and overviews
2. Security and privacy
  1. Software and application security
  2. Systems security
    1. Information flow control

Recommendations

Enforcing Unique Code Target Property for Control-Flow Integrity
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

The goal of control-flow integrity (CFI) is to stop control-hijacking attacks by ensuring that each indirect control-flow transfer (ICT) jumps to its legitimate target. However, existing implementations of CFI have fallen short of this goal because ...
Control-Flow Hijacking: Are We Making Progress?
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Memory corruption errors in C/C++ programs remain the most common source of security vulnerabilities in today's systems. Over the last 10+ years the security community developed several defenses [4]. Data Execution Prevention (DEP) protects against code ...
Control-Flow Carrying Code
Asia CCS '19: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security

Control-Flow Integrity~(CFI) is an effective approach in mitigating control-flow hijacking attacks including code-reuse attacks. Most conventional CFI techniques use memory page protection mechanism, Data Execution Prevention~(DEP), as an underlying ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 50, Issue 1

January 2018

588 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/3058791

Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering / University of Florida / Gainesville, FL 32611

Issue’s Table of Contents

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 April 2017

Accepted: 01 January 2017

Revised: 01 December 2016

Received: 01 April 2016

Published in CSUR Volume 50, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Survey
Research
Refereed

Funding Sources

Defense Advanced Research Projects Agency (DARPA)
National Science Foundation
COMET K1 of the Austrian Research Promotion Agency (FFG)

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

169
Total Citations
View Citations
5,168
Total Downloads

Downloads (Last 12 months)1,282
Downloads (Last 6 weeks)174

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Li WWang WLi S(2024)CFIEE: An Open-Source Critical Metadata Extraction Tool for RISC-V Hardware-Based CFI SchemesElectronics10.3390/electronics1309168113:9(1681)Online publication date: 26-Apr-2024
https://doi.org/10.3390/electronics13091681
Kasten FZieris PHorsch J(2024)Integrating Static Analyses for High-Precision Control-Flow IntegrityProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678920(419-434)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678920
Peng AFang DGuan LKouwe ELi YWang WSun LZhang Y(2024)Bitmap-Based Security Monitoring for Deeply Embedded SystemsACM Transactions on Software Engineering and Methodology10.1145/367246033:7(1-31)Online publication date: 18-Jun-2024
https://dl.acm.org/doi/10.1145/3672460
Zhao LShuang HXu SHuang WCui RBettadpur PLie D(2024)A Survey of Hardware Improvements to Secure Program ExecutionACM Computing Surveys10.1145/367239256:12(1-37)Online publication date: 12-Jun-2024
https://dl.acm.org/doi/10.1145/3672392
Becker GEisenbarth TFederrath HFischer MLoose NOtt SPecholt JMarwedel SMeyer DStijohann JTalpur AVallentin M(2024)SOVEREIGN - Towards a Holistic Approach to Critical Infrastructure ProtectionProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3671410(1-9)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3671410
Orthen BBraunsdorf OZieris PHorsch J(2024)SoftBound+CETS RevisitedProceedings of the 17th European Workshop on Systems Security10.1145/3642974.3652285(22-28)Online publication date: 22-Apr-2024
https://dl.acm.org/doi/10.1145/3642974.3652285
Dash PLi GKarimibiuki MPattabiraman KQuek TGao DZhou JCardenas A(2024)Diagnosis-guided Attack Recovery for Securing Robotic Vehicles from Sensor Deception AttacksProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3644997(915-929)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3644997
Shcherbakov MMoosbrugger PBalliu MChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Unveiling the Invisible: Detection and Evaluation of Prototype Pollution Gadgets with Dynamic Taint AnalysisProceedings of the ACM Web Conference 202410.1145/3589334.3645579(1800-1811)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645579
Llorente-Vazquez OSantos-Grueiro IPastor-Lopez IGarcia Bringas P(2024)Detection, exploitation and mitigation of memory errorsLogic Journal of the IGPL10.1093/jigpal/jzae00832:2(281-292)Online publication date: 16-Mar-2024
https://doi.org/10.1093/jigpal/jzae008
Kim SJin HJoo KLee JLee D(2024)DROPSYS: Detection of ROP attacks using system informationComputers & Security10.1016/j.cose.2024.103813140(103813)Online publication date: May-2024
https://doi.org/10.1016/j.cose.2024.103813
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents