Yan Lin - Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography)
Here you can read online Yan Lin - Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography) full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2021, publisher: Springer, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography): summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography)" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
In this book, we propose novel solutions to handle these three fundamental components. To generate a precise CFI policy without the support of the source code, we systematically study two methods which recover CFI policy based on function signature matching at the binary level and propose our novel rule- and heuristic-based mechanism to more accurately recover function signature. To embed CFI policy securely, we design a novel platform which encodes the policy into the machine instructions directly without relying on consulting any read-only data structure, by making use of the idea of instruction-set randomization. Each basic block is encrypted with a key derived from the CFG. To efficiently enforce CFI policy, we make use of a mature dynamic code optimization platform called DynamoRIO to enforce the policy so that we are only required to do the CFI check when needed.
Yan Lin: author's other books
Who wrote Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography)? Find out the surname, the name of the author of the book and a list of all author's works by series.
Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography) — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography)" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Information Security protecting information in potentially hostile environments is a crucial factor in the growth of information-based processes in industry, business, and administration. Cryptography is a key technology for achieving information security in communications, computer systems, electronic commerce, and in the emerging information society.
Springers Information Security & Cryptography (IS&C) book series covers all relevant topics, ranging from theory to advanced applications. The intended audience includes students, researchers and practitioners.
More information about this series at http://www.springer.com/series/4752
This Springer imprint is published by the registered company Springer Nature Switzerland AG
The registered company address is: Gewerbestrasse 11, 6330 Cham, Switzerland
This book is an introduction on how to make Control-Flow Integrity (CFI) fine-grained, practical, and efficient. CFI is an attractive security property with which most injected and code-reuse attacks can be defeated. Most CFI approaches use a coarse-grained policy, rely on memory page protection mechanism, and result in a large runtime overhead. This book is for those who want to explore more in the world of cybersecurity and want to have a better understanding of CFI.
An important aim of the book is to make readers have a basic concept on what CFI is, why we need it, and the issues for current CFI enforcements. The book is written and presented in a way that is directly accessible to all kinds of readers, no matter you are experts or freshmen in cybersecurity.
The book provides an overview of what CFI is and the issues of current enforcements. The readers can have a detailed understanding on why CFI is important in cybersecurity compared to other security enforcements. Each chapter discusses one possible issue of current CFI implementation and presents the corresponding solution. The reader can get more details about how CFI works from them and broaden their mind to find new solutions to mitigate these limitations.
In this chapter, we first introduce concepts and implementations of Control-Flow Integrity [], which is a fundamental approach to mitigating control-flow hijacking attacks, and then present practical issues of previous CFI systems and summarize how we address those problems.
Application is often written in memory-unsafe languages; this makes it prone to memory errors that are the primary attack vector to subvert systems. Many protection mechanisms including DEP (Data Execution Prevention [].
Natural protection against control-flow hijacking attacks is to enforce CFI (Control-Flow Integrity []. Next, a CFI check is inserted for indirect branches (e.g., indirect calls, indirect jumps, and returns). These checks ensure that all executed branches correspond to edges in the CFG at runtime. For instance, the valid targets of node 3 can only be either 5 or 6. If the adversary aims to redirect execution to node 4, CFI will immediately terminate the program execution.
Example of control-flow integrity
Font size:
Interval:
Bookmark:
Similar books «Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography)»
Look at similar books to Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography). We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Novel Techniques in Recovering, Embedding, and Enforcing Policies for Control-Flow Integrity (Information Security and Cryptography) and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.