Adaptive defenses for commodity software through virtual application partitioning
暂无分享,去创建一个
Angelos D. Keromytis | Dimitris Geneiatakis | Georgios Portokalidis | Vasileios P. Kemerlis | A. Keromytis | G. Portokalidis | V. P. Kemerlis | D. Geneiatakis | V. Kemerlis | Dimitris Geneiatakis
[1] Dawn Xiaodong Song,et al. TaintEraser: protecting sensitive data leaks using application-level taint tracking , 2011, OPSR.
[2] Periklis Akritidis,et al. Cling: A Memory Allocator to Mitigate Dangling Pointers , 2010, USENIX Security Symposium.
[3] Mark Handley,et al. Wedge: Splitting Applications into Reduced-Privilege Compartments , 2008, NSDI.
[4] David Brumley,et al. Privtrans: Automatically Partitioning Programs for Privilege Separation , 2004, USENIX Security Symposium.
[5] Wei Xu,et al. Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks , 2006, USENIX Security Symposium.
[6] Niels Provos,et al. Preventing Privilege Escalation , 2003, USENIX Security Symposium.
[7] Miguel Castro,et al. Preventing Memory Error Exploits with WIT , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).
[8] Jason Flinn,et al. Parallelizing security checks on commodity hardware , 2008, ASPLOS.
[9] Miguel Castro,et al. Securing software by enforcing data-flow integrity , 2006, OSDI '06.
[10] Andrew Schofield,et al. Partition-based heap memory management in an application server , 2008, OPSR.
[11] Angelos D. Keromytis,et al. Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization , 2012, 2012 IEEE Symposium on Security and Privacy.
[12] Douglas Kilpatrick,et al. Privman: A Library for Partitioning Applications , 2003, USENIX Annual Technical Conference, FREENIX Track.
[13] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.
[14] Andrew Morgan,et al. Pluggable Authentication Modules , 1998 .
[15] Maxwell N. Krohn,et al. Building Secure High-Performance Web Services with OKWS , 2004, USENIX Annual Technical Conference, General Track.
[16] G. Edward Suh,et al. Aegis: A Single-Chip Secure Processor , 2007, IEEE Design & Test of Computers.
[17] Niels Provos,et al. Improving Host Security with System Call Policies , 2003, USENIX Security Symposium.
[18] Cheng Wang,et al. LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks , 2006, 2006 39th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO'06).
[19] Angelos D. Keromytis,et al. Fast and practical instruction-set randomization for commodity systems , 2010, ACSAC '10.
[20] Andrew C. Myers,et al. Secure program partitioning , 2002, TOCS.
[21] Kenneth Geisshirt,et al. Pluggable Authentication Modules , 2007 .
[22] David E. Culler,et al. SEDA: an architecture for well-conditioned, scalable internet services , 2001, SOSP.
[23] Angelos D. Keromytis,et al. ASSURE: automatic software self-healing using rescue points , 2009, ASPLOS.
[24] James Newsome,et al. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software , 2005, NDSS.
[25] Angelos D. Keromytis,et al. libdft: practical dynamic data flow tracking for commodity systems , 2012, VEE '12.
[26] Charles Reis,et al. Isolating web programs in modern browser architectures , 2009, EuroSys '09.
[27] Theodore Y. Ts'o,et al. Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.
[28] Patrick D. McDaniel,et al. Towards Automated Privilege Separation , 2007, ICISS.
[29] Steven Hand,et al. Privilege separation made easy: trusting small libraries not big processes , 2008, EUROSEC '08.
[30] Emery D. Berger,et al. DieHarder: securing the heap , 2010, CCS '10.
[31] Steve R. White,et al. ABYSS: An Architecture for Software Protection , 1990, IEEE Trans. Software Eng..
[32] David A. Wagner,et al. Fine-grained privilege separation for web applications , 2010, WWW '10.
[33] Harish Patil,et al. Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.
[34] Leyla Bilge,et al. G-Free: defeating return-oriented programming through gadget-less binaries , 2010, ACSAC '10.
[35] Robert N. M. Watson,et al. Capsicum: Practical Capabilities for UNIX , 2010, USENIX Security Symposium.
[36] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[37] Heng Yin,et al. Panorama: capturing system-wide information flow for malware detection and analysis , 2007, CCS '07.
[38] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[39] Eric A. Brewer,et al. USENIX Association Proceedings of HotOS IX : The 9 th Workshop on Hot Topics in Operating Systems , 2003 .