References:
References: Enforcing Unique Code Target Property for Control-Flow Integrity, CCS’18 UCT: Unique Code Target ICT: Indirect Control-flow Transfer Key: collecting the necessary runtime information and using it to augment the points-to analysis on control data. Contraining data: the data helps to determine the target of indirect calls. How to identify the constraining data? How to collect this data efficiently? How to perform the points-to analysis efficiently and accurately?
If you could revise
the fundmental principles of
computer system design
to improve security...
... what would you change?