search for: kcofi

Displaying 7 results from an estimated 7 matches for "kcofi".

2015 Mar 16
2
[LLVMdev] GSOC:Control Flow integrity for kernal
Hi I want to pursue a project based to improve the existing KCoFI method which is the Control Flow integrity method for commodity os. Since KCoFI is a llvm based project I plan to undertake the project to improve the existing KCoFI method. Following are the improvements that I want to pursue: 1. To improve the call graph used in KCoFI. Implement a stronger call...
2015 Mar 26
2
[LLVMdev] GSOC project on KCoFI
Hi In my previous mail I mentioned the project on KCoFI( the control FLow integrity methods for commodity hardware http://sva.cs.illinois.edu/pubs/KCoFI-Oakland-2014.pdf ). Will it be more helpful to the community if I do the improvements number #1 and #3 mentioned in my previous mail to the mailing list or if i try to port it to arm architecture? I hav...
2016 Mar 22
0
GSoC and SAFECode
...e the use of combined safe/unsafe languages for OS kernels (without letting C code violate the safety provided by the safe language), and enforce dynamic security policies on kernel modules (to thwart rootkits). If you're interested in security projects on the kernel, you could enhance the KCoFI prototype to use a more accurate control-flow graph or to use code pointer integrity, or you could write optimizations for the software-fault isolation instrumentation (which would improve both KCoFI and Virtual Ghost, if you are familiar with those papers of mine). Does any of these projects s...
2016 Mar 22
2
GSoC and SAFECode
.../unsafe > languages for OS kernels (without letting C code violate the safety > provided by the safe language), and enforce dynamic security policies > on kernel modules (to thwart rootkits). > > If you're interested in security projects on the kernel, you could > enhance the KCoFI prototype to use a more accurate control-flow graph > or to use code pointer integrity, or you could write optimizations for > the software-fault isolation instrumentation (which would improve both > KCoFI and Virtual Ghost, if you are familiar with those papers of > mine). > > D...
2016 Mar 22
2
GSoC and SAFECode
Hi, everyone. I'm a senior at Swarthmore College and would love to work with LLVM this summer. I'm interested in systems languages and security, and I'll start a PhD on these topics this fall. I also do a good deal of open source development and auditing with OpenBSD and a variety of other projects. I spent last year's GSoC doing security auditing for Pidgin/libpurple. GSoC seems
2015 Sep 01
2
llvm cfi
...example , > I first need a program with vulnerability so that we can hijack its > control flow; > > then I enforce cfi of llvm and we can't hijack its control flow. > > Do you have any advice for me? > > > The CFI implementation we updated to work with x86-64 for the KCoFI > project is available at https://github.com/jtcriswell/SVA. You'll need > to create the exploit code (and potentially the vulnerability) yourself. > If you read the literature on CFI and memory safety (some of which is > cataloged at http://sva.cs.illinois.edu/menagerie), you shou...
2015 Sep 01
5
llvm cfi
I want to create an experiment to show the effectiveness of cfi : For example , I first need a program with vulnerability so that we can hijack its control flow; then I enforce cfi of llvm and we can't hijack its control flow. Do you have any advice for me? - mudongliang -------------- next part -------------- An HTML attachment was scrubbed... URL: