MSR-TR-2005-17
A Theory of Secure Control Flow
Martín Abadi; Ulfar Erlingsson; Mihai Budiu; Jay Ligatti
February 2005
12 pp.

http://research.microsoft.com/research/pubs/view.aspx?type=Technical%20Report&id=867 

Control-Flow Integrity (CFI) means that the execution of a program
dynamically follows only certain paths, in accordance with a static policy.
CFI can prevent attacks that, by exploiting buffer overflows and other
vulnerabilities, attempt to control program behavior. This paper develops
the basic theory that underlies two practical techniques for CFI
enforcement, with precise formulations of hypotheses and guarantees. 
Keywords: vulnerability, mitigation security, virus, control flow,
instrumentation, machine code