all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Control-Flow Integrity at RISC: Attacking RISC-V by Jump-Oriented Programming. (arXiv:2211.16212v1 [cs.CR])

Add to bookmarks
Nov. 30, 2022, 2:10 a.m. | Olivier Gilles, Franck Viguier, Nikolai Kosmatov, Daniel Gracia Pérez

cs.CR updates on arXiv.org arxiv.org

RISC-V is an open instruction set architecture recently developed for
embedded real-time systems. To achieve a lasting security on these systems and
design efficient countermeasures, a better understanding of vulnerabilities to
novel and potential future attacks is mandatory. This paper demonstrates that
RISC-V is sensible to Jump-Oriented Programming, a class of complex code-reuse
attacks, able to bypass existing protections. We provide a first analysis of
RISC-V systems' attack surface exploitable by such attacks, and show how they
can be chained …

control flow integrity programming

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Mixtures of Gaussians are Privately Learnable with a Polynomial Number of Samples 1 day, 12 hours ago | arxiv.org
alpha arxiv cs.cr cs.ds +16
Image Hijacks: Adversarial Images can Control Generative Models at Runtime 1 day, 12 hours ago | arxiv.org
adversarial algorithm arxiv can +20
Differentially-Private Data Synthetisation for Efficient Re-Identification Risk Control 1 day, 12 hours ago | arxiv.org
addition arxiv can computational +21
Decoding the MITRE Engenuity ATT&CK Enterprise Evaluation: An Analysis of EDR Performance in Real-World Environments 1 day, 12 hours ago | arxiv.org
analysis and response apt arxiv +27
Okapi: Efficiently Safeguarding Speculative Data Accesses in Sandboxed Environments 1 day, 12 hours ago | arxiv.org
architecture arxiv attacks can +12
Watch Out! Simple Horizontal Class Backdoors Can Trivially Evade Defenses 1 day, 12 hours ago | arxiv.org
activates arxiv attacks backdoor +20
Every Breath You Don't Take: Deepfake Speech Detection Using Breath 1 day, 12 hours ago | arxiv.org
aid arxiv cs.cr cs.mm +16
Perturbing Attention Gives You More Bang for the Buck: Subtle Imaging Perturbations That Efficiently Fool … 1 day, 12 hours ago | arxiv.org
arxiv attention challenges cs.cr +13
Saving proof-of-work by hierarchical block structure 1 day, 12 hours ago | arxiv.org
algorithm arxiv bitcoin block +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Technical Solutions Engineer, Security

@ Google | Mexico City, CDMX, Mexico
View on infosec-jobs.com

Assoc Eng Equipment Engineering

@ GlobalFoundries | SGP - Woodlands
View on infosec-jobs.com

Staff Security Engineer, Cloud Infrastructure

@ Flexport | Bellevue, WA; San Francisco, CA
View on infosec-jobs.com

Software Engineer III, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy

@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs