How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
暂无分享,去创建一个
[1] Per Larsen,et al. Opaque Control-Flow Integrity , 2015, NDSS.
[2] Angelos D. Keromytis,et al. Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization , 2012, 2012 IEEE Symposium on Security and Privacy.
[3] Aditya Akella,et al. Proceedings of the 2014 Conference on Internet Measurement Conference , 2014, IMC 2014.
[4] Kevin W. Hamlen,et al. Binary stirring: self-randomizing instruction addresses of legacy x86 binary code , 2012, CCS.
[5] Jeff Seibert,et al. Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code , 2014, CCS.
[6] Christoforos E. Kozyrakis,et al. Raksha: a flexible information flow architecture for software security , 2007, ISCA '07.
[7] Cristiano Giuffrida,et al. Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization , 2012, USENIX Security Symposium.
[8] Wenke Lee,et al. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks , 2015, CCS.
[9] Ahmad-Reza Sadeghi,et al. Stitching the Gadgets: On the Ineffectiveness of Coarse-Grained Control-Flow Integrity Protection , 2014, USENIX Security Symposium.
[10] George Candea,et al. Code-pointer integrity , 2014, OSDI.
[11] David A. Wagner,et al. Finding User/Kernel Pointer Bugs with Type Inference , 2004, USENIX Security Symposium.
[12] Dan Boneh,et al. Address space randomization for mobile devices , 2011, WiSec '11.
[13] William Herlands,et al. Effective Entropy: Security-Centric Metric for Memory Randomization Techniques , 2014, CSET.
[14] Per Larsen,et al. Readactor: Practical Code Randomization Resilient to Memory Disclosure , 2015, 2015 IEEE Symposium on Security and Privacy.
[15] Martín Abadi,et al. Control-flow integrity , 2005, CCS '05.
[16] Dan Boneh,et al. Hacking Blind , 2014, 2014 IEEE Symposium on Security and Privacy.
[17] Michael Backes,et al. Oxymoron: Making Fine-Grained Memory Randomization Practical by Allowing Code Sharing , 2014, USENIX Security Symposium.
[18] Mingwei Zhang,et al. Control Flow Integrity for COTS Binaries , 2013, USENIX Security Symposium.
[19] Dongyan Xu,et al. Polymorphing Software by Randomizing Data Structure Layout , 2009, DIMVA.
[20] Ben Niu,et al. Modular control-flow integrity , 2014, PLDI.
[21] Dan Boneh,et al. Cryptographically Enforced Control Flow Integrity , 2014, ArXiv.
[22] William W. Streilein,et al. Timely Rerandomization for Mitigating Memory Disclosures , 2015, CCS.
[23] Nicholas Nethercote,et al. Using Valgrind to Detect Undefined Value Errors with Bit-Precision , 2005, USENIX Annual Technical Conference, General Track.
[24] Ahmad-Reza Sadeghi,et al. Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM , 2013, ASIA CCS '13.
[25] Per Larsen,et al. SoK: Automated Software Diversity , 2014, 2014 IEEE Symposium on Security and Privacy.
[26] Per Larsen,et al. It's a TRaP: Table Randomization and Protection against Function-Reuse Attacks , 2015, CCS.
[27] George C. Necula,et al. CCured: type-safe retrofitting of legacy software , 2005, TOPL.
[28] Angelos D. Keromytis,et al. libdft: practical dynamic data flow tracking for commodity systems , 2012, VEE '12.
[29] Stelios Sidiroglou,et al. Missing the Point(er): On the Effectiveness of Code Pointer Integrity , 2015, 2015 IEEE Symposium on Security and Privacy.
[30] Milo M. K. Martin,et al. SoftBound: highly compatible and complete spatial memory safety for c , 2009, PLDI '09.
[31] Per Larsen,et al. Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity , 2015, NDSS.
[32] Herbert Bos,et al. Minemu: The World's Fastest Taint Tracker , 2011, RAID.
[33] Xi Chen,et al. StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries , 2015, NDSS.
[34] Alessandro Orso,et al. Effective memory protection using dynamic tainting , 2007, ASE '07.
[35] Peng Ning,et al. Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[36] R. Sekar,et al. Address-Space Randomization for Windows Systems , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[37] Jack W. Davidson,et al. ILR: Where'd My Gadgets Go? , 2012, 2012 IEEE Symposium on Security and Privacy.
[38] Michael Backes,et al. You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code , 2014, CCS.
[39] Chao Zhang,et al. Practical Control Flow Integrity and Randomization for Binary Executables , 2013, 2013 IEEE Symposium on Security and Privacy.
[40] Isil Dillig,et al. Reasoning about the unknown in static analysis , 2010, Commun. ACM.
[41] Vern Paxson,et al. The Matter of Heartbleed , 2014, Internet Measurement Conference.
[42] Wenke Lee,et al. From Zygote to Morula: Fortifying Weakened ASLR on Android , 2014, 2014 IEEE Symposium on Security and Privacy.
[43] Steve J. Chapin,et al. Address-space layout randomization using code islands , 2009, J. Comput. Secur..
[44] Angelos D. Keromytis,et al. ShadowReplica: efficient parallelization of dynamic data flow tracking , 2013, CCS.
[45] Ahmad-Reza Sadeghi,et al. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization , 2013, 2013 IEEE Symposium on Security and Privacy.
[46] Ahmad-Reza Sadeghi,et al. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming , 2015, NDSS.
[47] S. Bhatkar,et al. Data Space Randomization , 2008, DIMVA.