The presentation discusses how control-flow protections make it difficult for attackers to manipulate control data, pushing them toward data-only attacks that corrupt critical data and bypass all protections. It introduces the concept of syscall-guard variables for security-related syscalls such as execve, and proposes a method called 'branch force' that detects such variables by flipping conditional branches and analyzing data flow for common memory errors. This work resulted in the VIPER tool. VIPER successfully identifies 34 previously unknown syscall-guard variables, enabling the creation of new data-only attacks on programs like SQLite and V8.
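
To make the branch-flipping step concrete, here is a toy model added as an illustration; it is not VIPER's code and does not cover the data-flow analysis. The target function, the `br` instrumentation hook, the `config` fields and the stubbed syscall are all hypothetical names constructed for this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Constructed toy target; every name here is hypothetical, not VIPER's. */
#define NBRANCH 3
static int force_id = -1;            /* branch whose outcome is flipped; -1 = none */
static int execve_reached, log_lines; /* execve_reached is set by the stubbed syscall */
static int seen[NBRANCH];            /* branches executed in the current run */

/* Instrumented conditional: record the branch, flip it if it is the forced one. */
static int br(int id, int cond) {
    seen[id] = 1;
    return id == force_id ? !cond : cond;
}
/* Stub for a security-related syscall; nothing is actually executed. */
static void stub_execve(const char *path) { (void)path; execve_reached = 1; }

struct config { int verbose; int allow_shell; int is_admin; };

static void handle_request(const struct config *c) {
    if (br(0, c->verbose)) log_lines++;        /* no syscall behind this branch */
    if (br(1, c->allow_shell) && br(2, c->is_admin))
        stub_execve("/bin/sh");
}

/* One run with branch `flip` forced; returns 1 if the stubbed syscall was reached. */
static int run(const struct config *c, int flip) {
    force_id = flip;
    execve_reached = 0;
    memset(seen, 0, sizeof seen);
    handle_request(c);
    return execve_reached;
}

/* Bitmask of executed branches whose flip newly reaches the stubbed syscall. */
unsigned find_guard_branches(const struct config *c) {
    int base_seen[NBRANCH];
    unsigned mask = 0;
    if (run(c, -1)) return 0;                  /* syscall already reachable */
    memcpy(base_seen, seen, sizeof seen);
    for (int id = 0; id < NBRANCH; id++)
        if (base_seen[id] && run(c, id)) mask |= 1u << id;
    return mask;
}

int main(void) {
    struct config c = {0, 1, 0};               /* constructed input */
    printf("guard branch mask: 0x%x\n", find_guard_branches(&c));
    return 0;
}
```

In this toy, the variable feeding a reported branch is the candidate guard to audit and protect; when both `allow_shell` and `is_admin` are clear, no single flip reaches the stub and nothing is reported.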

Identifying and detecting syscall-guard variables for data-only attacks

The research, conducted by Zhechang Zhang, Hengkai Ye, and Hong Hu, highlights the importance of detecting these variables and demonstrates that VIPER can spot syscall-guard variables in various programs within five minutes.
https://www.youtube.com/watch?v=utjtAxagbr8