search for: ccfir

Displaying 3 results from an estimated 3 matches for "ccfir".

2013 Aug 29
2
[LLVMdev] Adding diversity for security (and testing)
...alysis can improve the call graph results to make the program even more secure). I think diversity is a nice thing to have to provide defense in depth, but I currently think that CFI will provide the most bang for the buck. -- John T. [1] http://www.cs.berkeley.edu/~dawnsong/papers/Oakland2013-CCFIR-CR.pdf [2] http://www.eecs.harvard.edu/~greg/papers/cfiDataSandboxing.pdf > > Looking forward to seeing patches! > > Nick > > > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu > ht...
2013 Aug 28
0
[LLVMdev] Adding diversity for security (and testing)
On 26 August 2013 11:39, Stephen Crane <sjcrane at uci.edu> wrote: > Greetings LLVM Devs! > > I am a PhD student in the Secure Systems and Software Lab at UC > Irvine. We have been working on adding randomness into code generation > to create a diverse population of binaries. This diversity prevents > code-reuse attacks such as return-oriented-programming (ROP) by >
2013 Aug 26
10
[LLVMdev] Adding diversity for security (and testing)
Greetings LLVM Devs! I am a PhD student in the Secure Systems and Software Lab at UC Irvine. We have been working on adding randomness into code generation to create a diverse population of binaries. This diversity prevents code-reuse attacks such as return-oriented-programming (ROP) by denying the attacker information about the exact code layout. ROP has been used is several high-profile recent