Computer Science ›› 2013, Vol. 40 ›› Issue (9): 93-98.
Previous Articles Next Articles
CHEN Lin-bo,JIANG Jian-hui and ZHANG Dan-qing
[1] Designer S.Getting around non-executable stack (and fix)[EB/OL].http://seclists.org/bugtraq/1997/Aug/63, Bugtraq,1997 [2] Nergal.The Advanced Return-into-libc(c) Exploits:PaX Case Study[J].Phrack Magazine,2001,11(0x58) [3] Shacham H.The Geometry of Innocent Flesh on the Bone:Return-into-libc without Function Calls (on the x86) [C]∥Proceedings of ACM Conference on Computer and Communications Security (CCS).Whistler:ACM New York Press,2007:552-561 [4] Rop attack against data execution prevention technology [EB/OL].http://www.h-online.com/security/news/item/Exploit-s-new-technology-trick-%dodges-memory-protection-959253.ht-ml,2012-12 [5] Cowan C,Pu C,Maier D,et al.StackGuard:automatic adaptive detection and prevention of buffer-overflow attacks [C]∥Proceedings of the 7th Conference on USENIX Security Sympo-sium.San Antonio:USENIX Association,1998:63-78 [6] Etoh H.ProPolice:GCC extension for protecting applicationsfrom stack-smashing attacks [EB/OL].http://www.trl.ibm.com/projects/security/ssp/ [7] Cowan C,Beattie S,Johansen J,et al.Point-guard:Protectingpointers from buffer overflow vulnerabilities [C]∥Proceedings of the 12th USENIX Security Symposium.Washington:USENIX Association,2003:91-104 [8] Vendicator.Stack Shield technical info file v0.7[EB/OL].http://www.angelfire.com/sk/stackshield/,2012-12 [9] Frantzen M,Shuey M.StackGhost:Hardware facilitated stack protection [C]∥Proceedings of the 10th USENIX Security Symposium.Washington:USENIX Association,2001:271-286 [10] Abadi M,Budiu M,Erilingsson U,et al.Control-Flow Integrity:Principles,Implementations,and Applications[J].ACM Transa-ctions on Information and System Security,2009,13(1) [11] Kiriansky V,Bruening D,Amarasinghe S.Secure Execution Via Program Shepherding [C]∥Proceedings of 11th USENIX Security Symposium.San Francisco:USENIX Association,2002:191-206 [12] Bletsch T,Jiang Xu-xian,Freeh V.Mitigating Code-Reuse At-tacks with Control-Flow Locking [C]∥Proceedings of the 27th Annual Computer Security Applications Conference.Orlando:ACM New York Press,2011:353-362 [13] Chen Lin-bo,Jiang Jian-hui,Zhang Dan-qing.Code Reuse Prevention through Control Flow Lazily Check [C]∥Proceedings of the 2012IEEE 18th Pacific Rim International Symposium on Dependable Computing.Niigata:IEEE Computer Society,2012:51-60 [14] Li J,Wang Z,Jiang X,et al.Defeating return-oriented rootkits with return-less kernels [C]∥Proceedings of the 5th European Conference on Computer Systems.Paris:ACM New York Press,2010:195-208 [15] Onarlioglu K,Bilge L,Lanzi A,et al.G-Free:Defeating return-oriented programming through gadget-less binaries [C]∥Proceedings of 26th Annual Computer Security Applications Conference.Austin:ACM New York Press,2010:49-58 [16] Pappas V,Polychronakis M,Keromytis A D.Smashing theGadgets:Hindering Return-Oriented Programming Using In-Place Code Randomization[C]∥Proceedings of IEEE Sympo-sium on Security and Privacy.Oakland:IEEE Computer Society,2012:601-615 [17] Hiser J,Nguyen-Tuong A,Co M,et al.ILR:where’d my gadget go [C]∥Proceedings of IEEE Symposium on Security and Privacy.Oakland:IEEE Computer Society,2012:571-585 [18] Wartell R,Mohan V,Hamlen K W,et al.Binary Stirring:Self-randomizing Instruction Addresses of Legacy x86Binary Code [C]∥Proceedings of the 2012ACM Conference on Computer and Communications Security.Raleigh,North Carolina:ACM New York Press,2012:157-168 [19] Chen P,Xiao H,Shen X,et al.Drop:Detecting Return-oriented Programming Malicious Code [C]∥Proceedings of the 5th International Conference on Information Systems Security.Kolka-ta,India:Springer,2009:163-177 [20] Davi L,Sadeghi A,Winandy M.Dynamic Integrity Measurement and Attestation:Towards Defense against Return-oriented Programming Attacks [C]∥Proceedings of the 2009ACM Workshop on Scalable Tursted Computing.Chicago:ACM New York Press,2009:49-54 [21] Davi L,Sadeghi A,Winandy M.ROPdefender:A detection tool to defend against return-oriented programming attacks [C]∥Proceedings of the 6th ACM Symposium on Information,Computer and Communications Security.Hong Kong:ACM New York Press,2011:40-51 [22] Chi-Keung Luk,Cohn R,Muth R,et al.Pin:Building Customi-zed Program Analysis Tools with Dynamic Instrumentation [C]∥Proceedings of 2005ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI).Chicago:ACM New York Press,2005:190-200 [23] Adobe CoolType SING Table ‘uniqueName’ Stack Buffer Overflow [EB/OL].http://www.exploit-db.com/exploits/16619/,2010-09-25 [24] Integard Pro 2.2.0.9026(Win7ROP-Code Metasploit Module) [EB/OL].http://www.exploit-db.com/exploits/15016/,2010-09-25 [25] MPlayer (r33064Lite) Buffer Overflow + ROP exploit [EB/OL]. http://www.exploit-db.com/exploits/17124/,2011-04-06 [26] Checkoway S,Davi L,Dmitrienko A.Return-Oriented Programming without Returns [C]∥Proceedings of ACM Conference on Computer and Communications Security (CCS).Chicago:ACM New York Press,2010:559-572 [27] Zovi D D.SOURCE Boston 2010: Practical return-oriented programming[EB/OL].http://trailofbits.files.wordpress.com/2010/04/practical-rop.pdf [28] Bhatkar S,Sekar R,DuVarney D C.Efficient Techniques forComprehensive Protection from Memory Error Exploits [C]∥Proceedings of 14th USENIX Security Symposium.Baltimore:USENIX Association,2005:105-120 [29] Roglia G,Martignoni L,Paleari R,et al.Surgically returning to randomized lib(c) [C]∥Proceedings of Annual Computer Security Applications Conference.Honolulu:ACM New York Press,2009:60-69 [30] Chiueh T-C,Hsu F-H.RAD:A compile-time solution to buffer overflow attacks [C]∥Proceedings of the 21st International Conference on Distributed Computing Systems.Phoenix:IEEE Computer Society,2001:409-420 [31] Schwartz E J,et al.Q:exploit hardening made easy[C]∥Proceedings of 20th USENIX Security Symposium.San Francisco:USENIX Association,2011:379-394 |
No related articles found! |
|