Displaying 3 results from an estimated 3 matches for "ccfir".
2013 Aug 29
2
[LLVMdev] Adding diversity for security (and testing)
...alysis can improve the call graph results
to make the program even more secure).
I think diversity is a nice thing to have to provide defense in depth,
but I currently think that CFI will provide the most bang for the buck.
-- John T.
[1] http://www.cs.berkeley.edu/~dawnsong/papers/Oakland2013-CCFIR-CR.pdf
[2] http://www.eecs.harvard.edu/~greg/papers/cfiDataSandboxing.pdf
>
> Looking forward to seeing patches!
>
> Nick
>
>
> _______________________________________________
> LLVM Developers mailing list
> LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu
> ht...
2013 Aug 28
0
[LLVMdev] Adding diversity for security (and testing)
On 26 August 2013 11:39, Stephen Crane <sjcrane at uci.edu> wrote:
> Greetings LLVM Devs!
>
> I am a PhD student in the Secure Systems and Software Lab at UC
> Irvine. We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
>
2013 Aug 26
10
[LLVMdev] Adding diversity for security (and testing)
Greetings LLVM Devs!
I am a PhD student in the Secure Systems and Software Lab at UC
Irvine. We have been working on adding randomness into code generation
to create a diverse population of binaries. This diversity prevents
code-reuse attacks such as return-oriented-programming (ROP) by
denying the attacker information about the exact code layout. ROP has
been used is several high-profile recent