An application specific dynamic behaviour model using function-call sequence and memory access-graph for execution integrity verification

[1]  Mihai Budiu,et al.  Control-flow integrity principles, implementations, and applications , 2009, TSEC.

[2]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[3]  Martín Abadi,et al.  Architectural support for software-based protection , 2006, ASID '06.

[4]  Herbert Bos,et al.  Out of Control: Overcoming Control-Flow Integrity , 2014, 2014 IEEE Symposium on Security and Privacy.

[5]  Herbert Bos,et al.  Practical Context-Sensitive CFI , 2015, CCS.

[6]  Ahmad-Reza Sadeghi,et al.  C-FLAT: Control-Flow Attestation for Embedded Systems Software , 2016, CCS.

[7]  Bei Yu,et al.  TaintTrace: Efficient Flow Tracing with Dynamic Binary Rewriting , 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).

[8]  Ahmad-Reza Sadeghi,et al.  PAtt: Physics-based Attestation of Control Systems , 2019, RAID.

[9]  Mathias Payer,et al.  Control-Flow Integrity , 2017, ACM Comput. Surv..

[10]  Mingwei Zhang,et al.  Control Flow Integrity for COTS Binaries , 2013, USENIX Security Symposium.

[11]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[12]  Peng Ning,et al.  Remote attestation to dynamic system properties: Towards providing complete system integrity evidence , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[13]  Stephen S. Yau,et al.  An Approach to Concurrent Control Flow Checking , 1980, IEEE Transactions on Software Engineering.

[14]  James Newsome,et al.  Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.

[15]  Marianne M. Swanson,et al.  Standards for Security Categorization of Federal Information and Information Systems , 2004 .

[16]  Miguel Castro,et al.  Securing software by enforcing data-flow integrity , 2006, OSDI '06.

[17]  Calton Pu,et al.  TOCTTOU vulnerabilities in UNIX-style file systems: an anatomical study , 2005, FAST'05.

[18]  Gianluca Roascio,et al.  CFI: Control Flow Integrity or Control Flow Interruption? , 2019, 2019 IEEE East-West Design & Test Symposium (EWDTS).

[19]  Ahmad-Reza Sadeghi,et al.  Property-Based TPM Virtualization , 2008, ISC.

[20]  Johannes Winter,et al.  Trusted computing building blocks for embedded linux-based ARM trustzone platforms , 2008, STC '08.

[21]  Herbert Bos,et al.  Size Does Matter: Why Using Gadget-Chain Length to Prevent Code-Reuse Attacks is Hard , 2014, USENIX Security Symposium.

[22]  Jun Xu,et al.  Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.

[23]  Satish M. Thatte,et al.  Concurrent Checking of Program Flow in VLSI Processors , 1982, ITC.

[24]  Gang Shi,et al.  Function-Oriented Programming: A New Class of Code Reuse Attack in C Applications , 2018, 2018 IEEE Conference on Communications and Network Security (CNS).

[25]  Robert Tappan Morris,et al.  USENIX Association Proceedings of HotOS IX : The 9 th Workshop on Hot Topics in Operating Systems , 2003 .

[26]  David Zhang,et al.  Secure program execution via dynamic information flow tracking , 2004, ASPLOS XI.

[27]  William R. Harris,et al.  Efficient Protection of Path-Sensitive Control Security , 2017, USENIX Security Symposium.

[28]  John Paul Shen,et al.  Processor Control Flow Monitoring Using Signatured Instruction Streams , 1987, IEEE Transactions on Computers.

[29]  Chao Zhang,et al.  Practical Control Flow Integrity and Randomization for Binary Executables , 2013, 2013 IEEE Symposium on Security and Privacy.

[30]  Shambhu J. Upadhyaya,et al.  Concurrent Process Monitoring with No Reference Signatures , 1994, IEEE Trans. Computers.

[31]  Zhenkai Liang,et al.  Data-Oriented Programming: On the Expressiveness of Non-control Data Attacks , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[32]  James E. Smith,et al.  Measures of the Effectiveness of Fault Signature Analysis , 1980, IEEE Transactions on Computers.

[33]  Wouter Joosen,et al.  RIPE: runtime intrusion prevention evaluator , 2011, ACSAC '11.

[34]  Ahmad-Reza Sadeghi,et al.  Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection , 2014, USENIX Security Symposium.

[35]  Wei Zhang,et al.  Semantics-Based Online Malware Detection: Towards Efficient Real-Time Protection Against Malware , 2016, IEEE Transactions on Information Forensics and Security.

[36]  Frederic T. Chong,et al.  Minos: Control Data Attack Prevention Orthogonal to Memory Model , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).

[37]  Stefan Katzenbeisser,et al.  PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon , 2012, CHES.

[38]  Jie Yang,et al.  Origin-sensitive Control Flow Integrity , 2019, USENIX Security Symposium.