Garbage collection in an uncooperative environment
Software—Practice & Experience
Communications of the ACM
Adding run-time checking to the portable C compiler
Software—Practice & Experience
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Efficient detection of all pointer and array access errors
PLDI '94 Proceedings of the ACM SIGPLAN 1994 conference on Programming language design and implementation
Low-cost, concurrent checking of pointer and array accesses in C programs
Software—Practice & Experience
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Operating system enhancements to prevent the misuse of system calls
Proceedings of the 7th ACM conference on Computer and communications security
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Writing Secure Code
Ensuring code safety without runtime checks for real-time control systems
CASES '02 Proceedings of the 2002 international conference on Compilers, architecture, and synthesis for embedded systems
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Type-Assisted Dynamic Buffer Overflow Detection
Proceedings of the 11th USENIX Security Symposium
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Memory safety without runtime checks or garbage collection
Proceedings of the 2003 ACM SIGPLAN conference on Language, compiler, and tool for embedded systems
Anomaly Detection Using Call Stack Information
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
RAD: A Compile-Time Solution to Buffer Overflow Attacks
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Protecting C programs from attacks via invalid pointer dereferences
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Detection of injected, dynamically generated, and obfuscated malicious code
Proceedings of the 2003 ACM workshop on Rapid malcode
Using Program Transformation to Secure C Programs Against Buffer Overflows
WCRE '03 Proceedings of the 10th Working Conference on Reverse Engineering
Defending Embedded Systems Against Buffer Overflow via Hardware/Software
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Protection against Indirect Overflow Attacks on Pointers
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Experience with safe manual memory-management in cyclone
Proceedings of the 4th international symposium on Memory management
An efficient and backwards-compatible transformation to ensure memory safety of C programs
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Run-time Detection of Heap-based Overflows
LISA '03 Proceedings of the 17th USENIX conference on System administration
Automatic pool allocation: improving performance by controlling data structure layout in the heap
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Defeating Memory Corruption Attacks via Pointer Taintedness Detection
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Checking Array Bound Violation Using Segmentation Hardware
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Proceedings of the 12th ACM conference on Computer and communications security
Preventing format-string attacks via automatic and efficient dynamic checking
Proceedings of the 12th ACM conference on Computer and communications security
e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call Policing
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
SAFECode: enforcing alias analysis for weakly typed languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
DieHard: probabilistic memory safety for unsafe languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Backwards-compatible array bounds checking for C with very low overhead
Proceedings of the 28th international conference on Software engineering
Secure and practical defense against code-injection attacks using software dynamic translation
Proceedings of the 2nd international conference on Virtual execution environments
Efficiently Detecting All Dangling Pointer Uses in Production Servers
DSN '06 Proceedings of the International Conference on Dependable Systems and Networks
Dynamic code instrumentation to detect and recover from return address corruption
Proceedings of the 2006 international workshop on Dynamic systems analysis
Software—Practice & Experience
Comprehensively and efficiently protecting the heap
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
SegmentShield: Exploiting Segmentation Hardware for Protecting against Buffer Overflow Attacks
SRDS '06 Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems
Foreign Code Detection on the Windows/X86 Platform
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Software
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Known/Chosen Key Attacks against Software Instruction Set Randomization
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Extended Protection against Stack Smashing Attacks without Performance Loss
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Hardware/software optimization for array & pointer boundary checking against buffer overflow attacks
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Address obfuscation: an efficient approach to combat a board range of memory error exploits
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Where's the FEEB? the effectiveness of instruction set randomization
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Automating mimicry attacks using static binary analysis
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Protecting against unexpected system calls
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Efficient techniques for comprehensive protection from memory error exploits
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Large-scale analysis of format string vulnerabilities in Debian Linux
Proceedings of the 2007 workshop on Programming languages and analysis for security
Securing software by enforcing data-flow integrity
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
N-variant systems: a secretless framework for security through diversity
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Evaluating SFI for a CISC architecture
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
StackGhost: Hardware facilitated stack protection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
A tool for constructing safe extensible C++ systems
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
strlcpy and strlcat: consistent, safe, string copy and concatenation
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
Ensuring secure program execution in multiprocessor embedded systems: a case study
CODES+ISSS '07 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis
RandSys: Thwarting Code Injection Attacks with System Service Interface Randomization
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
Proceedings of the 14th ACM conference on Computer and communications security
A practical mimicry attack against powerful system-call monitors
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Preventing Memory Error Exploits with WIT
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
FormatShield: A Binary Rewriting Defense against Format String Attacks
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
IEEE Software
Efficient Anomaly Detection System for Mobile Handsets
SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
Code injection attacks on harvard-architecture devices
Proceedings of the 15th ACM conference on Computer and communications security
Real-world buffer overflow protection for userspace & kernelspace
SS'08 Proceedings of the 17th conference on Security symposium
Instruction-level countermeasures against stack-based buffer overflow attacks
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
Proceedings of the 4th ACM European conference on Computer systems
Breaking the memory secrecy assumption
Proceedings of the Second European Workshop on System Security
MEDS: The Memory Error Detection System
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
SoftBound: highly compatible and complete spatial memory safety for c
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Polymorphing Software by Randomizing Data Structure Layout
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Filter-resistant code injection on ARM
Proceedings of the 16th ACM conference on Computer and communications security
Defending embedded systems against control flow attacks
Proceedings of the first ACM workshop on Secure execution of untrusted code
DROP: Detecting Return-Oriented Programming Malicious Code
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Surgically Returning to Randomized lib(c)
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
TCBC: Trap Caching Bounds Checking for C
DASC '09 Proceedings of the 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing
PAriCheck: an efficient pointer arithmetic checker for C programs
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Dependent types for low-level programming
ESOP'07 Proceedings of the 16th European conference on Programming
Fail-safe ANSI-C compiler: an approach to making C programs secure
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
CETS: compiler enforced temporal safety for C
Proceedings of the 2010 international symposium on Memory management
Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
NOZZLE: a defense against heap-spraying code injection attacks
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Return address randomization scheme for annuling data-injection buffer overflow attacks
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Efficient protection against heap-based buffer overflows without resorting to magic
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
BuBBle: a javascript engine level countermeasure against heap-spraying attacks
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Improving Memory Management Security for C and C++
International Journal of Secure Software Engineering
Code pointer masking: hardening applications against code injection attacks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Recent developments in low-level software security
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
FlowFox: a web browser with flexible and precise information flow control
Proceedings of the 2012 ACM conference on Computer and communications security
CPM: Masking Code Pointers to Prevent Code Injection Attacks
ACM Transactions on Information and System Security (TISSEC)
HeapSentry: kernel-assisted protection against heap overflows
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit these vulnerabilities to gain control over the execution flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. We provide a comprehensive and structured survey of vulnerabilities and countermeasures that operate at runtime. These countermeasures make different trade-offs in terms of performance, effectivity, compatibility, etc., making it hard to evaluate and compare countermeasures in a given context. We define a classification and evaluation framework on the basis of which countermeasures can be assessed.