Publication

Block Oriented Programming: Automating Data-Only Attacks

Mathias Josef Payer
2018
Conference Papers

Abstract

With the widespread deployment of Control-Flow Integrity (CFI), control-flow hijacking attacks, and consequently code reuse attacks, are significantly more difficult. CFI limits control flow to well-known locations, severely restricting arbitrary code execution. Assessing the remaining attack surface of an application under advanced control-flow hijack defenses such as CFI and shadow stacks remains an open problem.

Official source

https://infoscience.epfl.ch/entities/publication/b1b076d9-7b59-496a-97be-abe34ac564d8

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Mathias Josef Payer
2018
Conference Papers

Abstract

Official source

https://infoscience.epfl.ch/entities/publication/b1b076d9-7b59-496a-97be-abe34ac564d8

About this result

Related concepts (32)

Return-oriented programming

Return-oriented programming (ROP) is a computer security exploit technique that allows an attacker to execute code in the presence of security defenses such as executable space protection and code signing. In this technique, an attacker gains control of the call stack to hijack program control flow and then executes carefully chosen machine instruction sequences that are already present in the machine's memory, called "gadgets". Each gadget typically ends in a return instruction and is located in a subroutine within the existing program and/or shared library code.

Control flow

In computer science, control flow (or flow of control) is the order in which individual statements, instructions or function calls of an imperative program are executed or evaluated. The emphasis on explicit control flow distinguishes an imperative programming language from a declarative programming language. Within an imperative programming language, a control flow statement is a statement that results in a choice being made as to which of two or more paths to follow.

Code reuse

In software development (and computer programming in general), code reuse, also called software reuse, is the use of existing software, or software knowledge, to build new software, following the reusability principles. Code reuse may be achieved by different ways depending on a complexity of a programming language chosen and range from a lower-level approaches like code copy-pasting (e.g. via snippets), simple functions (procedures or subroutines) or a bunch of objects or functions organized into modules (e.

Related publications (31)

Results on Sparse Integer Programming and Geometric Independent Sets

Jana Tabea Cslovjecsek

An integer linear program is a problem of the form max{c^T x : Ax=b, x >= 0, x integer}, where A is in Z^(n x m), b in Z^m, and c in Z^n. Solving an integer linear program is NP-hard in general, but there are several assumptions for which it becomes fixed ...

EPFL2023

2D Nanosystems: Applications of 2D Semiconductors for In-Memory Computing

Guilherme Migliato Marega

Machine learning and data processing algorithms have been thriving in finding ways of processing and classifying information by exploiting the hidden trends of large datasets. Although these emerging computational methods have become successful in today's ...

EPFL2023

How to Achieve Large-Area Ultra-Fast Operation of MoS 2 Monolayer Flash Memories?

Andras Kis, Aleksandra Radenovic, Yanfei Zhao, Zhenyu Wang, Guilherme Migliato Marega, Mukesh Kumar Tripathi, Hyungoo Ji, Asmund Kjellegaard Ottesen

Memory devices have returned to the spotlight due to increasing interest in using in-memory computing architectures to make data-driven algorithms more energy-efficient. One of the main advantages of this architecture is the efficient performance of vector ...

2023