On the Expressiveness of Return-into-libc Attacks
暂无分享,去创建一个
[1] Zhi Wang,et al. Defeating return-oriented rootkits with "Return-Less" kernels , 2010, EuroSys '10.
[2] Leyla Bilge,et al. G-Free: defeating return-oriented programming through gadget-less binaries , 2010, ACSAC '10.
[3] Ahmad-Reza Sadeghi,et al. Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks , 2009, STC '09.
[4] Stephen Checkoway. Escape From Return-Oriented Programming : Return-oriented Programming without Returns ( on the x 86 ) , 2010 .
[5] Ahmad-Reza Sadeghi,et al. Return-Oriented Programming without Returns on ARM , 2010 .
[6] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.
[7] Lucas Davi,et al. ROPdefender: a detection tool to defend against return-oriented programming attacks , 2011, ASIACCS '11.
[8] Bing Mao,et al. DROP: Detecting Return-Oriented Programming Malicious Code , 2009, ICISS.
[9] Zhenkai Liang,et al. Jump-oriented programming: a new class of code-reuse attack , 2011, ASIACCS '11.
[10] Daniel C. DuVarney,et al. Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.
[11] Hovav Shacham,et al. Can DREs Provide Long-Lasting Security? The Case of Return-Oriented Programming and the AVC Advantage , 2009, EVT/WOTE.
[12] Martín Abadi,et al. Control-flow integrity , 2005, CCS '05.
[13] Felix C. Freiling,et al. Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms , 2009, USENIX Security Symposium.
[14] Michael Shuey,et al. StackGhost: Hardware Facilitated Stack Protection , 2001, USENIX Security Symposium.
[15] Lorenzo Martignoni,et al. Surgically Returning to Randomized lib(c) , 2009, 2009 Annual Computer Security Applications Conference.
[16] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[17] Derek Bruening,et al. Secure Execution via Program Shepherding , 2002, USENIX Security Symposium.
[18] Miguel Castro,et al. Securing software by enforcing data-flow integrity , 2006, OSDI '06.
[19] Hovav Shacham,et al. Return-oriented programming without returns , 2010, CCS '10.
[20] Hovav Shacham,et al. Return-Oriented Programming: Systems, Languages, and Applications , 2012, TSEC.
[21] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[22] Keith J. Jones,et al. 10th USENIX Security Symposium , 2001, login Usenix Mag..
[23] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[24] Tzi-cker Chiueh,et al. RAD: a compile-time solution to buffer overflow attacks , 2001, Proceedings 21st International Conference on Distributed Computing Systems.
[25] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.
[26] Claudio Soriente,et al. On the difficulty of software-based attestation of embedded devices , 2009, CCS.