Never Let Your Guard Down: Finding Unguarded Gates to Bypass Control Flow Guard with Big Data

Дата: 08.01.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

Control Flow Guard (CFG) is a security mechanism to prevent indirect branches (indirect call/jmp) to redirect control flow to unexpected locations. It was originally released by Microsoft with Windows 8.1 and currently implemented in Window 10 as an enhanced security feature. CFG works by inserting a control-flow check-function before each critical indirect branch at compiling time, while the check-function will validate the target address using CFG bitmap at runtime.

by Ke Sun and Ya Ou

Full Abstract & Presentation Materials:


Об авторе CISO CLUB

Редакция CISO CLUB. Официальный аккаунт. CISO CLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *