{draft, needs completion}

1       Introduction

1.1   Overview of Control-Flow Integrity

1.3   Control-Flow Carrying Code

1.4   Control-Flow Integrity Enforcement Based on Dynamic Code Optimization

2        Literature Review

2.1   Control-Flow Hijacking

2.2   Deployed Defenses

2.3   Control-Flow Integrity

3        When Function Signature Recovery Meets Compiler Optimization

3.1   Introduction

3.2   Background and Unified Notation

3.3   Eight Ways in Which Compiler Optimization Impacts Function Signature Recovery

3.4   Evaluation

3.5   Revised Policy

3.6   Evaluation on revised policy

3.7   Summary

4        Control-Flow Carrying Code

4.1   Introduction

4.2   Overview of C^3

4.3   Detailed Designed of C^3

4.4   Implementation

4.5   Evaluation

4.6   Discussion

4.7   Summary

5     Control-Flow Integrity Enforcement with Dynamic Code Optimization

5.1   Introduction

5.2   Design, Implementation, and Security Comparison

5.3   Detailed Performance Profiling

5.4   Security Evaluation

5.5   Summary

6        Conclusion

Bibliography

Yan Lin is at the School of Computing and Information Systems, Singapore Management University. Her extensive studies have focused on the area of cybersecurity, and her current researches focus on software security and system security. 

Control-Flow Integrity (CFI) is an attractive security property with which most injected and code-reuse attacks can be defeated, including advanced attacking techniques like return-oriented programming.