Randomization-based Defenses against Data-Oriented Attacks

For nearly two decades now, the vast majority of critical software vulnerabilities have been memory corruption bugs in C and C++ programs[13, 14]. Attackers often exploit these bugs using control-flow hijacking techniques to seize control over vulnerable programs. This allows them to execute arbitrary code, exfiltrate sensitive data, or escalate the programs' privileges. However, thanks to the successful rollout of mitigations such as control-flow integrity and shadow stacks,[5] it is becoming increasingly harder to mount control-flow attacks.