Introduction

While memory safety is at the heart of preventing attacks via undefined semantic behavior, it is not the only approach to thwarting such attacks. Information flow, randomization, and canaries have also been used to detect attacks against undefined C program behavior. It is useful to be aware of these techniques and understand the tradeoffs between full memory safety and these other techniques.

Below are papers on various related topics to attack detection and prevention.

Information Flow Papers

Randomization and Probabilistic Safety Papers

Control Flow Integrity Papers

Miscellaneous Papers