Control-flow integrity principles, implementations, and applications-Reference-Cited by-同舟云学术

Control-flow integrity principles, implementations, and applications

Published:2009-10 Issue:1 Volume:13 Page:1-40
ISSN:1094-9224
Container-title:ACM Transactions on Information and System Security
language:en
Short-container-title:ACM Trans. Inf. Syst. Secur.

Author:

Abadi Martín¹,Budiu Mihai²,Erlingsson Úlfar³,Ligatti Jay⁴

Affiliation:

1. University of California, Santa Cruz and Microsoft Research, Santa Cruz, CA

2. Microsoft Research

3. Reykjavík University and Microsoft Research

4. University of South Florida, Tampa, FL

Abstract

Current software attacks often build on exploits that subvert machine-code execution. The enforcement of a basic safety property, control-flow integrity (CFI), can prevent such attacks from arbitrarily controlling program behavior. CFI enforcement is simple and its guarantees can be established formally, even with respect to powerful adversaries. Moreover, CFI enforcement is practical: It is compatible with existing software and can be done efficiently using software rewriting in commodity systems. Finally, CFI provides a useful foundation for enforcing further security policies, as we demonstrate with efficient software implementations of a protected shadow call stack and of access control for memory regions.

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/1609956.1609960

Reference74 articles.

1. A Theory of Secure Control Flow

2. Control-flow integrity

3. Apple Computer. 2003. Prebinding Notes. http://developer.apple.com/releasenotes/DeveloperTools/Prebinding.html. Apple Computer. 2003. Prebinding Notes. http://developer.apple.com/releasenotes/DeveloperTools/Prebinding.html.

Cited by 397 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. TrustGuard: Standalone FPGA-Based Security Monitoring Through Power Side-Channel;IEEE Transactions on Very Large Scale Integration (VLSI) Systems;2024-02

2. SiPGuard: Run-Time System-in-Package Security Monitoring via Power Noise Variation;IEEE Transactions on Very Large Scale Integration (VLSI) Systems;2024-02

3. A survey on the evolution of fileless attacks and detection techniques;Computers & Security;2024-02

4. AutoPwn: Artifact-Assisted Heap Exploit Generation for CTF PWN Competitions;IEEE Transactions on Information Forensics and Security;2024

5. Using Page Offsets for Detecting Control-Flow Anomalies;Innovative Security Solutions for Information Technology and Communications;2024