Effectiveness of Moving Target Defenses
暂无分享,去创建一个
[1] Jack W. Davidson,et al. Security through redundant data diversity , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).
[2] Angelos D. Keromytis,et al. SQLrand: Preventing SQL Injection Attacks , 2004, ACNS.
[3] Jack W. Davidson,et al. Secure and practical defense against code-injection attacks using software dynamic translation , 2006, VEE '06.
[4] Benjamin Livshits,et al. NOZZLE: A Defense Against Heap-spraying Code Injection Attacks , 2009, USENIX Security Symposium.
[5] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.
[6] Salvatore J. Stolfo,et al. Smashing the Stack with Hydra: The Many Heads of Advanced Polymorphic Shellcode , 2009 .
[7] Jun Xu,et al. Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.
[8] Elena Gabriela Barrantes,et al. Known/Chosen Key Attacks against Software Instruction Set Randomization , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[9] Andrew W. Appel,et al. Using memory errors to attack a virtual machine , 2003, 2003 Symposium on Security and Privacy, 2003..
[10] Frank Piessens,et al. Breaking the memory secrecy assumption , 2009, EUROSEC '09.
[11] Margo I. Seltzer,et al. An architecture a day keeps the hacker away , 2005, CARN.
[12] Michael Franz,et al. Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space , 2009, EuroSys '09.
[13] Salim Hariri,et al. Randomized Instruction Set Emulation To Disrupt Binary Code Injection Attacks , 2003 .
[14] Emery D. Berger,et al. DieHard: probabilistic memory safety for unsafe languages , 2006, PLDI '06.
[15] Daniel C. DuVarney,et al. Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.
[16] Norman Hardy,et al. The Confused Deputy: (or why capabilities might have been invented) , 1988, OPSR.
[17] David H. Ackley,et al. Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).
[18] Michael Franz,et al. Reverse Stack Execution in a MultiVariant Execution Environment , 2012 .
[19] Angelos D. Keromytis,et al. On the General Applicability of Instruction-Set Randomization , 2010, IEEE Transactions on Dependable and Secure Computing.
[20] David Evans,et al. N-Variant Systems: A Secretless Framework for Security through Diversity , 2006, USENIX Security Symposium.
[21] Andrew Wang,et al. On the effectiveness of the metamorphic shield , 2010, ECSA '10.
[22] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.
[23] David H. Ackley,et al. Randomized instruction set emulation to disrupt binary code injection attacks , 2003, CCS '03.
[24] Nathanael Paul,et al. Where's the FEEB? The Effectiveness of Instruction Set Randomization , 2005, USENIX Security Symposium.
[25] David H. Ackley,et al. Randomized instruction set emulation , 2005, TSEC.
[26] M. Castro,et al. Data Randomization , 2008 .
[27] Angelos D. Keromytis,et al. Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.