Search Results

Memory corruption vulnerabilities still allow compromising computers through software written in a memory-unsafe language such as C/C++. This highlights that mitigation techniques to prevent such exploitations are not all widely deployed. In this paper, ...

Deeply embedded systems powered by microcontrollers are becoming popular with the emergence of Internet-of-Things (IoT) technology. However, these devices primarily run C/C\({+}{+}\) code and are susceptible to memory bugs, which can potentially lead to ...

Physical attacks are powerful threats that can cause changes in the execution behavior of a program. Control-Flow Integrity (CFI) is used to check the program’s flow execution, ensuring that it remains unaltered by these attacks. The RISC-V Trace ...

Enforcing control flow integrity (CFI) in the kernel (kCFI) can prevent control-flow hijack attacks. Unfortunately, current kCFI approaches have high overhead or are inflexible and cannot support complex context-sensitive policies. To overcome these ...

The fourth industrial revolution has fundamentally altered the way we live, and social media has become a crucial channel for the promotion of brands through influencers. This study explored the relationship between a virtual ...

• Virtual influencer's attractiveness was not associated with purchase intention.

Control-Flow Integrity (CFI) is used to check at runtime that a program’s execution path follows its corresponding Control-Flow Graph (CFG) and is not altered by software or physical attacks. In addition to the CFI’s features, the Code and Control-...

Maliciously-overwritten function pointers in C programs often lead to arbitrary code execution. In principle, forward CFI schemes mitigate this problem by restricting indirect function calls to valid call targets only. However, existing forward CFI ...

Superficial femoral arteries (SFAs) treated with self-expanding stents are widely affected by in-stent restenosis (ISR), especially in case of long lesions and multiple overlapping devices. The altered ...

• Virtual stent implantation method based on mesh morphing.
• Hemodynamics ...

Shadow stacks play an important role in protecting return addresses to mitigate ROP attacks. Parallel shadow stacks, which shadow the call stack of each thread at the same constant offset for all threads, are known not to support multi-threading well. On ...

• Business intelligence has a significant effect on marketing through organizational learning.

Business Intelligence involves the strategies and technologies employed by businesses for the data analysis of business information. This study investigates the impact of Business Intelligence on the Marketing with emphasis on ...

Unsafe programming systems are still very popular, despite the shortcomings due to several published memory-corruption vulnerabilities. Toward defending memory corruption, compilers have started to employ advanced software hardening such as Control-flow ...

Recent works on Control-Flow Integrity (CFI) have mainly focused on Context-Sensitive CFI policies to provide higher security guarantees. They utilize a debugging hardware feature in modern Intel CPUs, Processor Trace (PT), to efficiently collect ...

This paper presents BackFlow, a compiler-based toolchain that enforces indirect backward edge control flow integrity for low-end ARM Cortex-M microprocessors. BackFlow is implemented within the Clang/LLVM compiler and supports the ARM instruction set and ...

Polymorphism and inheritance make C++ suitable for writing complex software, but significantly increase the attack surface because the implementation relies on virtual function tables (vtables). These vtables contain function pointers that attackers can ...

Despite being a more than 40-year-old dark art, control flow attacks remain a significant and attractive means of penetrating applications. Control Flow Integrity (CFI) prevents control flow attacks by forcing the execution path of a program to ...

Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from exploiting ...

We present, VIP, an approach to boosting the precision of Virtual call Integrity Protection for large-scale real-world C++ programs (e.g., Chrome) by using pointer analysis for the first time. VIP introduces two new techniques: (1) a sound and scalable ...

Despite a long history and numerous proposed defenses, memory corruption attacks are still viable. A secure and low-overhead defense against return-oriented programming (ROP) continues to elude the security community. Currently proposed solutions still ...

Current low-level exploits often rely on code-reuse, whereby short sections of code gadgets are chained together into a coherent exploit that can be executed without the need to inject any code. Several protection mechanisms attempt to eliminate this ...

Most of existing control flow integrity efforts target keeping intended control flow in good integrity. However, they fail to expose hidden control flow that may be introduced by the execution of rootkits, ROP gadgets, etc. To overcome the challenge, we ...