Automated Software Diversity
暂无分享,去创建一个
[1] Fred B. Schneider,et al. Independence from obfuscation: A semantic framework for diversity , 2010, J. Comput. Secur..
[2] Christian S. Collberg,et al. A Taxonomy of Obfuscating Transformations , 1997 .
[3] Mary Lou Soffa,et al. Retargetable and reconfigurable software dynamic translation , 2003, International Symposium on Code Generation and Optimization, 2003. CGO 2003..
[4] Emery D. Berger,et al. DieHarder: securing the heap , 2010, CCS '10.
[5] Robert Wahbe,et al. Efficient software-based fault isolation , 1994, SOSP '93.
[6] Adi Shamir,et al. Efficient Cache Attacks on AES, and Countermeasures , 2010, Journal of Cryptology.
[7] E AndersonThomas,et al. Efficient software-based fault isolation , 1993 .
[8] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.
[9] F. J. Corbató,et al. Introduction and overview of the multics system , 1965, AFIPS '65 (Fall, part I).
[10] Jack W. Davidson,et al. Protection of software-based survivability mechanisms , 2001, 2001 International Conference on Dependable Systems and Networks.
[11] Dan Boneh,et al. Address space randomization for mobile devices , 2011, WiSec '11.
[12] Lorenzo Martignoni,et al. Surgically Returning to Randomized lib(c) , 2009, 2009 Annual Computer Security Applications Conference.
[13] Ben Niu,et al. RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity , 2014, CCS.
[14] Per Larsen,et al. Opaque Control-Flow Integrity , 2015, NDSS.
[15] Jack W. Davidson,et al. ILR: Where'd My Gadgets Go? , 2012, 2012 IEEE Symposium on Security and Privacy.
[16] Kevin W. Hamlen,et al. Securing untrusted code via compiler-agnostic binary rewriting , 2012, ACSAC '12.
[17] Mihai Budiu,et al. Control-flow integrity principles, implementations, and applications , 2009, TSEC.
[18] Per Larsen,et al. Losing Control: On the Effectiveness of Control-Flow Integrity under Stack Attacks , 2015, CCS.
[19] Dawn Xiaodong Song,et al. SoK: Eternal War in Memory , 2013, 2013 IEEE Symposium on Security and Privacy.
[20] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.
[21] Cristiano Giuffrida,et al. Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization , 2012, USENIX Security Symposium.
[22] Per Larsen,et al. Diversifying the Software Stack Using Randomized NOP Insertion , 2013, Moving Target Defense.
[23] Ben Niu,et al. Modular control-flow integrity , 2014, PLDI.
[24] Liming Chen,et al. N-VERSION PROGRAMMINC: A FAULT-TOLERANCE APPROACH TO RELlABlLlTY OF SOFTWARE OPERATlON , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..
[25] Rajeev Barua,et al. A compiler-level intermediate representation based binary analysis and rewriting system , 2013, EuroSys '13.
[26] Per Larsen,et al. Readactor: Practical Code Randomization Resilient to Memory Disclosure , 2015, 2015 IEEE Symposium on Security and Privacy.
[27] Wenke Lee,et al. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks , 2015, CCS.
[28] Angelos D. Keromytis,et al. Hydan: Hiding Information in Program Binaries , 2004, ICICS.
[29] Saumya K. Debray,et al. Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.
[30] Easwaran Raman,et al. MAO — An extensible micro-architectural optimizer , 2011, International Symposium on Code Generation and Optimization (CGO 2011).
[31] Martín Abadi,et al. Control-flow integrity , 2005, CCS '05.
[32] Dan Boneh,et al. Hacking Blind , 2014, 2014 IEEE Symposium on Security and Privacy.
[33] Clark Thomborson,et al. Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.
[34] Chao Zhang,et al. Practical Control Flow Integrity and Randomization for Binary Executables , 2013, 2013 IEEE Symposium on Security and Privacy.
[35] David H. Ackley,et al. Randomized instruction set emulation , 2005, TSEC.
[36] Michael Franz,et al. E unibus pluram: massive-scale software diversity as a defense mechanism , 2010, NSPW '10.
[37] Xi Chen,et al. StackArmor: Comprehensive Protection From Stack-based Memory Error Vulnerabilities for Binaries , 2015, NDSS.
[38] Takeo Hariu,et al. Code shredding: byte-granular randomization of program layout for detecting code-reuse attacks , 2012, ACSAC '12.
[39] Peng Ning,et al. Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[40] Herbert Bos,et al. Out of Control: Overcoming Control-Flow Integrity , 2014, 2014 IEEE Symposium on Security and Privacy.
[41] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.
[42] Ahmad-Reza Sadeghi,et al. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming , 2015, NDSS.
[43] Bennet S. Yee,et al. Native Client: A Sandbox for Portable, Untrusted x86 Native Code , 2009, 2009 30th IEEE Symposium on Security and Privacy.
[44] Frank Piessens,et al. Breaking the memory secrecy assumption , 2009, EUROSEC '09.
[45] Ahmad-Reza Sadeghi,et al. Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM , 2013, ASIA CCS '13.
[46] Ahmad-Reza Sadeghi,et al. Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization , 2013, 2013 IEEE Symposium on Security and Privacy.
[47] Per Larsen,et al. Booby trapping software , 2013, NSPW '13.
[48] Peng Liu,et al. A Practical Approach for Adaptive Data Structure Layout Randomization , 2015, ESORICS.
[49] Moritz Contag,et al. Evaluating the Effectiveness of Current Anti-ROP Defenses , 2014, RAID.
[50] William W. Streilein,et al. Timely Rerandomization for Mitigating Memory Disclosures , 2015, CCS.
[51] Michael Franz,et al. Compiler-Generated Software Diversity , 2011, Moving Target Defense.
[52] Xuxian Jiang,et al. On the Expressiveness of Return-into-libc Attacks , 2011, RAID.
[53] Per Larsen,et al. Librando: transparent code randomization for just-in-time compilers , 2013, CCS.
[54] Per Larsen,et al. Security through Diversity: Are We There Yet? , 2014, IEEE Security & Privacy.
[55] Wouter Joosen,et al. HeapSentry: Kernel-Assisted Protection against Heap Overflows , 2013, DIMVA.
[56] M. Castro,et al. Data Randomization , 2008 .
[57] Brian Randell. System structure for software fault tolerance , 1975 .
[58] Hovav Shacham,et al. Return-Oriented Programming: Systems, Languages, and Applications , 2012, TSEC.
[59] Per Larsen,et al. Profile-guided automated software diversity , 2013, Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO).
[60] Angelos D. Keromytis,et al. Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization , 2012, 2012 IEEE Symposium on Security and Privacy.
[61] Lei Duan,et al. INSeRT: Protect Dynamic Code Generation against spraying , 2011, International Conference on Information Science and Technology.
[62] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.
[63] Christian S. Collberg,et al. Distributed application tamper detection via continuous software updates , 2012, ACSAC '12.
[64] Elisa Bertino,et al. Marlin: Mitigating Code Reuse Attacks Using Code Randomization , 2015, IEEE Transactions on Dependable and Secure Computing.
[65] Nicholas Nethercote,et al. Valgrind: a framework for heavyweight dynamic binary instrumentation , 2007, PLDI '07.
[66] Ramarathnam Venkatesan,et al. The Superdiversifier: Peephole Individualization for Software Protection , 2008, IWSEC.
[67] Hovav Shacham,et al. The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.
[68] Jack W. Davidson,et al. Profile guided code positioning , 1990, SIGP.
[69] Per Larsen,et al. SoK: Automated Software Diversity , 2014, 2014 IEEE Symposium on Security and Privacy.
[70] Per Larsen,et al. It's a TRaP: Table Randomization and Protection against Function-Reuse Attacks , 2015, CCS.
[71] Koen De Bosschere,et al. Protecting Your Software Updates , 2013, IEEE Security & Privacy.
[72] Ahmad-Reza Sadeghi,et al. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications , 2015, 2015 IEEE Symposium on Security and Privacy.
[73] Frederick B. Cohen,et al. Operating system protection through program evolution , 1993, Comput. Secur..
[74] Peter G. Neumann,et al. Beyond the PDP-11: Architectural Support for a Memory-Safe C Abstract Machine , 2015, ASPLOS.
[75] Jeff Seibert,et al. Information Leaks Without Memory Disclosures: Remote Side Channel Attacks on Diversified Code , 2014, CCS.
[76] Bart Coppens,et al. Feedback-driven binary code diversification , 2013, TACO.
[77] Koen De Bosschere,et al. Instruction Set Limitation in Support of Software Diversity , 2009, ICISC.
[78] Thomas R. Gross,et al. Fine-Grained Control-Flow Integrity Through Binary Hardening , 2015, DIMVA.
[79] Fan Long,et al. Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity , 2015, CCS.
[80] Michael Backes,et al. You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code , 2014, CCS.
[81] Robert H. Deng,et al. ROPecker: A Generic and Practical Approach For Defending Against ROP Attacks , 2014, NDSS.
[82] Peng Ning,et al. HideM: Protecting the Contents of Userspace Memory in the Face of Disclosure Vulnerabilities , 2015, CODASPY.
[83] Sorin Lerner,et al. SafeDispatch: Securing C++ Virtual Calls from Memory Corruption Attacks , 2014, NDSS.
[84] Kevin W. Hamlen,et al. Binary stirring: self-randomizing instruction addresses of legacy x86 binary code , 2012, CCS.
[85] S. Bhatkar,et al. Data Space Randomization , 2008, DIMVA.
[86] David H. Ackley,et al. Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).