The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
With a wide spread of malicious software attacks, run-time stack has been drawing attention because it is one of the most vulnerable points in computer architecture. Conventional stack layout, in which local variables for user input and control flow data such as return address are saved close to each other, is often the root of the attack vulnerability. This paper proposes a simple finite state machine...
Software-based, fine-grain control flow integrity (CFI) validation technique has been proposed to enforce control flow integrity of program execution. By validating every indirect branch instruction, it can prevent various control flow attacks, but at the cost of non-trivial overhead: up to 50% and on average 21% as reported in a case study. We propose a new hardware mechanism to accelerate the CFI...
Although there are various ways to exploit software vulnerabilities for malicious attacks, the attacks always result in unexpected behavior in program execution, deviating from what the programmer/user intends to do. Program execution blindly follows the execution path specified by control flow transfer instructions with the targets generated at run-time without any validation. An enhancement is therefore...
Current micro-architecture blindly uses the address in the program counter to fetch and execute instructions without validating its legitimacy. Whenever this blind-folded instruction sequencing is not properly addressed at a higher level by system, it becomes a vulnerability of control data attacks, today's dominant and most critical security threats. To remedy it, this paper proposes a micro-architectural...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.