Background Control Flow Hijack Defense Soltware Security Background 5】 Cordol月ea Detinse Vulnerabilities(bugs)are the root cause of hijacks Cattary Codenas Bs0au时 Identify vulnerabilities with analysis tools(before attackers) SOianT weianei DnG Prove program correctness Puymnishie Cinin Data Execution Prevention Mitigation Techniques: Dutidan Canaries-StackGuard Data Execution Prevention(DEP)/No eXecute(NX) ASLR Address Space Layout Randomization(ASLR) ASLR Nanjng Uivarsty57 Software Security Background Control Flow Hijack 5 Control Flow Hijack Defense Canary Defense StackGuard StackGuard Weakness DiffGuard Polymorphic Canary Data Execution Prevention Definition DEP Scorecard Return-to-libc Attack ASLR ASLR Randomization ASLR Dept. of Computer Science, Nanjing University Background Control Flow Hijack Defense