-
1
-
-
3042642332
-
The Advanced Return-into-lib(c) Exploits: PaX Case Study
-
Nergal.0x58
-
Nergal: The Advanced Return-into-lib(c) Exploits: PaX Case Study. Phrack Magazine 11(0x58), 4-14 (2001)
-
(2001)
Phrack Magazine
, vol.11
, pp. 4-14
-
-
-
2
-
-
77952351839
-
The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
-
Shacham, H.: The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). In: 14th ACM CCS (2007)
-
(2007)
14th ACM CCS
-
-
Shacham, H.1
-
3
-
-
71549168416
-
-
Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-Oriented Programming: Systems, Languages, and Applications (2009), http://cseweb.ucsd. edu/~hovav/dist/rop.pdf
-
(2009)
Return-Oriented Programming: Systems, Languages, and Applications
-
-
Roemer, R.1
Buchanan, E.2
Shacham, H.3
Savage, S.4
-
4
-
-
74049136385
-
Dynamic Integrity Measurement and Attestation: Towards Defense against Return-oriented Programming Attacks
-
Davi, L., Sadeghi, A.-R., Winandy, M.: Dynamic Integrity Measurement and Attestation: Towards Defense against Return-oriented Programming Attacks. In: 4th ACM STC (2009)
-
(2009)
4th ACM STC
-
-
Davi, L.1
Sadeghi, A.-R.2
Winandy, M.3
-
5
-
-
78650915151
-
Jump-Oriented Programming: A New Class of Code-Reuse Attack
-
Department of Computer Science, NC State University April
-
Bletsch, T., Jiang, X., Freeh, V.: Jump-Oriented Programming: A New Class of Code-Reuse Attack. In: CSC-TR-2010-8, Department of Computer Science, NC State University (April 2010)
-
(2010)
CSC-TR-2010-8
-
-
Bletsch, T.1
Jiang, X.2
Freeh, V.3
-
6
-
-
78751484536
-
G-free: Defeating Return-Oriented Programming Through Gadget-less Binaries
-
Onarlioglu, K., Bilge, L., Lanzi, A., Balzarotti, D., Kirda, E.: G-free: Defeating Return-Oriented Programming Through Gadget-less Binaries. In: 26th ACSAC (2010)
-
(2010)
26th ACSAC
-
-
Onarlioglu, K.1
Bilge, L.2
Lanzi, A.3
Balzarotti, D.4
Kirda, E.5
-
7
-
-
70349267779
-
When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC
-
Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC. In: 15th ACM CCS (2008)
-
(2008)
15th ACM CCS
-
-
Buchanan, E.1
Roemer, R.2
Shacham, H.3
Savage, S.4
-
10
-
-
74049112175
-
On the Difficulty of Software- Based Attestation of Embedded Devices
-
ACM, New York
-
Castelluccia, D.P.C., Francillon, A., Soriente, C.: On the Difficulty of Software- Based Attestation of Embedded Devices. In: 16th ACM CCS, ACM, New York (2009)
-
(2009)
16th ACM CCS
-
-
Castelluccia, D.P.C.1
Francillon, A.2
Soriente, C.3
-
11
-
-
84861443711
-
Can DREs Provide Long-Lasting Security? The Case of Return- Oriented Programming and the AVC Advantage
-
Checkoway, S., Feldman, A.J., Kantor, B., Alex Halderman, J., Felten, E.W., Shacham, H.: Can DREs Provide Long-Lasting Security? The Case of Return- Oriented Programming and the AVC Advantage. In: Proceedings of EVT/WOTE 2009. USENIX/ACCURATE/IAVoSS (August 2009)
-
Proceedings of EVT/WOTE 2009. USENIX/ACCURATE/IAVoSS (August 2009)
-
-
Checkoway, S.1
Feldman, A.J.2
Kantor, B.3
Alex Halderman, J.4
Felten, E.W.5
Shacham, H.6
-
12
-
-
71549162538
-
DROP: Detecting Return- Oriented Programming Malicious Code
-
Prakash, A., Sen Gupta, I. (eds.) ICISS 2009. Springer, Heidelberg
-
Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B., Xie, L.: DROP: Detecting Return- Oriented Programming Malicious Code. In: Prakash, A., Sen Gupta, I. (eds.) ICISS 2009. LNCS, vol. 5905, pp. 163-177. Springer, Heidelberg (2009)
-
(2009)
LNCS
, vol.5905
, pp. 163-177
-
-
Chen, P.1
Xiao, H.2
Shen, X.3
Yin, X.4
Mao, B.5
Xie, L.6
-
13
-
-
77954614533
-
Defeating Return-Oriented Rootkits with Return-less Kernels
-
Li, J., Wang, Z., Jiang, X., Grace, M., Bahram, S.: Defeating Return-Oriented Rootkits with Return-less Kernels. In: 5th ACM EuroSys (2010)
-
(2010)
5th ACM EuroSys
-
-
Li, J.1
Wang, Z.2
Jiang, X.3
Grace, M.4
Bahram, S.5
-
14
-
-
84857285531
-
Return-Oriented Exploitation
-
Zovi, D.D.: Return-Oriented Exploitation. Black Hat (2010)
-
(2010)
Black Hat
-
-
Zovi, D.D.1
-
15
-
-
38149131588
-
-
The Austin Group. Version 3 (POSIX-2001)
-
The Austin Group. The Single UNIX Specification, Version 3 (POSIX-2001)
-
The Single UNIX Specification
-
-
-
16
-
-
84857272339
-
-
Microsoft MSDN (2010), http://msdn.microsoft.com/en-us/library/dd162746
-
(2010)
-
-
-
17
-
-
77952274256
-
-
Technical Report WG14 N1124, ISO/IEC
-
The ANSI C standard (C99). Technical Report WG14 N1124, ISO/IEC (1999)
-
(1999)
The ANSI C Standard (C99)
-
-
-
18
-
-
84857248904
-
-
Busy Beaver, http://en.wikipedia.org/wiki/Busy-beaver
-
Busy Beaver
-
-
-
19
-
-
84945216592
-
-
CSC-TR-2011-16, Department of Computer Science, NC State University June
-
Tran, M., Etheridge,M., Bletsch, T., Jiang, X., Freeh, V., Ning, P.: On the Expressiveness of Return-into-libc Attacks. CSC-TR-2011-16, Department of Computer Science, NC State University (June 2011)
-
(2011)
On the Expressiveness of Return-into-libc Attacks
-
-
Tran, M.1
Etheridge, M.2
Bletsch, T.3
Jiang, X.4
Freeh, V.5
Ning, P.6
-
20
-
-
76949101487
-
Getting Around Non-executable Stack (and Fix)
-
Solar Designer
-
Solar Designer. Getting Around Non-executable Stack (and Fix). Bugtraq (1997)
-
(1997)
Bugtraq
-
-
-
21
-
-
78650032454
-
Return-Oriented Programming Without Returns
-
October
-
Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-Oriented Programming Without Returns. In: 17th ACM CCS (October 2010)
-
(2010)
17th ACM CCS
-
-
Checkoway, S.1
Davi, L.2
Dmitrienko, A.3
Sadeghi, A.-R.4
Shacham, H.5
Winandy, M.6
-
22
-
-
78650021053
-
-
Technical Report HGI-TR-2010- 001, Horst Görtz Institute for IT Security March
-
Davi, L., Sadeghi, A.-R., Winandy, M.: ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks. Technical Report HGI-TR-2010- 001, Horst Görtz Institute for IT Security (March 2010)
-
(2010)
ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
-
-
Davi, L.1
Sadeghi, A.-R.2
Winandy, M.3
-
23
-
-
0035017559
-
RAD: A Compile-Time Solution to Buffer Overflow Attacks
-
April
-
Chiueh, T.-c., Hsu, F.-H.: RAD: A Compile-Time Solution to Buffer Overflow Attacks. In: 21st IEEE ICDCS (April 2001)
-
(2001)
21st IEEE ICDCS
-
-
Chiueh, T.-C.1
Hsu, F.-H.2
-
27
-
-
78650024047
-
-
Technical Report HGI-TR-2010-002. Ruhr University Bochum, Germany
-
Davi, L., Dmitrienkoy, A., Sadeghi, A.-R., Winandy, M.: Return-Oriented Programming without Returns on ARM. Technical Report HGI-TR-2010-002. Ruhr University Bochum, Germany (2010)
-
(2010)
Return-Oriented Programming Without Returns on ARM
-
-
Davi, L.1
Dmitrienkoy, A.2
Sadeghi, A.-R.3
Winandy, M.4
-
29
-
-
84954188728
-
Efficient Techniques for Comprehensive Protection from Memory Error Exploits
-
Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient Techniques for Comprehensive Protection from Memory Error Exploits. In: 14th USENIX Security (2005)
-
(2005)
14th USENIX Security
-
-
Bhatkar, S.1
Sekar, R.2
DuVarney, D.C.3
-
30
-
-
77950856300
-
Surgically Returning to Randomized Lib(c)
-
Roglia, G.F., Martignoni, L., Paleari, R., Bruschi, D.: Surgically Returning to Randomized Lib(c). In: 25th ACSAC (2009)
-
(2009)
25th ACSAC
-
-
Roglia, G.F.1
Martignoni, L.2
Paleari, R.3
Bruschi, D.4
-
31
-
-
18744376889
-
Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks
-
Barrantes, E.G., Ackley, D.H., Forrest, S., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks. In: 10th ACM CCS (2003)
-
(2003)
10th ACM CCS
-
-
Barrantes, E.G.1
Ackley, D.H.2
Forrest, S.3
Palmer, T.S.4
Stefanovic, D.5
Zovi, D.D.6
-
32
-
-
14844317200
-
Countering Code-Injection AttacksWith Instruction-Set Randomization
-
Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering Code-Injection AttacksWith Instruction-Set Randomization. In: 10th ACM CCS (2003)
-
(2003)
10th ACM CCS
-
-
Kc, G.S.1
Keromytis, A.D.2
Prevelakis, V.3
-
34
-
-
33646767376
-
Control-Flow Integrity: Principles, Implementations, and Applications
-
Abadi, M., Budiu, M., Erilingsson, Ú., Ligatti, J.: Control-Flow Integrity: Principles, Implementations, and Applications. In: 12th ACM CCS (2005)
-
(2005)
12th ACM CCS
-
-
Abadi, M.1
Budiu, M.2
Erilingsson, Ú.3
Ligatti, J.4
-
35
-
-
84991997276
-
Securing Software by Enforcing Data-Flow Integrity
-
November
-
Castro, M., Costa, M., Harris, T.: Securing Software by Enforcing Data-Flow Integrity. In: 7th USENIX OSDI (November 2006)
-
(2006)
7th USENIX OSDI
-
-
Castro, M.1
Costa, M.2
Harris, T.3
|