Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Foundations of programming languages
Foundations of programming languages
Types and programming languages
Types and programming languages
Protection in Programming-Language Translations
ICALP '98 Proceedings of the 25th International Colloquium on Automata, Languages and Programming
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Evaluating SFI for a CISC architecture
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Low-level software security: attacks and defenses
Foundations of security analysis and design IV
Independence from obfuscation: A semantic framework for diversity
Journal of Computer Security
Local Memory via Layout Randomization
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
On Protection by Layout Randomization
ACM Transactions on Information and System Security (TISSEC)
Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Layout Randomization and Nondeterminism
Electronic Notes in Theoretical Computer Science (ENTCS)
| Hi-index | 0.00 |
Low-level attacks often rely on guessing absolute or relative memory addresses. Layout randomization aims to thwart such attacks. In this paper, we study layout randomization in a setting in which arrays and functions can be stored in memory. Our results relate layout randomization to language-level protection mechanisms, namely to the use of abstract locations (rather than integer addresses). They apply, in particular, when each abstract location can hold an entire array which, concretely, compilation implements with a memory buffer at a random base address.