Operating system protection through program evolution
Computers and Security
Dynamo: a transparent dynamic optimization system
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Improving the TCPA Specification
Computer
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Type-Assisted Dynamic Buffer Overflow Detection
Proceedings of the 11th USENIX Security Symposium
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
RAD: A Compile-Time Solution to Buffer Overflow Attacks
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
A framework for trusted instruction execution via basic block signature verification
ACM-SE 42 Proceedings of the 42nd annual Southeast regional conference
StackGhost: Hardware facilitated stack protection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Statically detecting likely buffer overflow vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
TIED, LibsafePlus: tools for runtime buffer overflow protection
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Design space and analysis of worm defense strategies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Secure and practical defense against code-injection attacks using software dynamic translation
Proceedings of the 2nd international conference on Virtual execution environments
Proteus: virtualization for diversified tamper-resistance
Proceedings of the ACM workshop on Digital rights management
Where's the FEEB? the effectiveness of instruction set randomization
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
Proceedings of the 14th ACM conference on Computer and communications security
Information Security Tech. Report
Diversification of Processors Based on Redundancy in Instruction Set
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
MEDS: The Memory Error Detection System
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
The future of biologically-inspired security: is there anything left to learn?
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Proactive Fortification of Fault-Tolerant Services
OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
Run-time randomization to mitigate tampering
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
ACM Transactions on Computer Systems (TOCS)
Independence from obfuscation: A semantic framework for diversity
Journal of Computer Security
On the effectiveness of the metamorphic shield
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
HSP: A solution against heap sprays
Journal of Systems and Software
Fast and practical instruction-set randomization for commodity systems
Proceedings of the 26th Annual Computer Security Applications Conference
Artificial malware immunization based on dynamically assigned sense of self
ISC'10 Proceedings of the 13th international conference on Information security
PEASOUP: preventing exploits against software of uncertain provenance (position paper)
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Return address randomization scheme for annuling data-injection buffer overflow attacks
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Return-Oriented Programming: Systems, Languages, and Applications
ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
Dependable and Historic Computing
On Protection by Layout Randomization
ACM Transactions on Information and System Security (TISSEC)
Babel: a secure computer is a polyglot
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
Feedback-driven binary code diversification
ACM Transactions on Architecture and Code Optimization (TACO) - Special Issue on High-Performance Embedded Architectures and Compilers
Memory errors: the past, the present, and the future
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Distributed application tamper detection via continuous software updates
Proceedings of the 28th Annual Computer Security Applications Conference
ASIST: architectural support for instruction set randomization
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Proceedings of the 2013 workshop on New security paradigms workshop
Post-compiler software optimization for reducing energy
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
TDVMP: Improved Virtual Machine-Based Software Protection with Time Diversity
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
Hi-index | 0.00 |
Injecting binary code into a running program is a common form of attack. Most defenses employ a “guard the doors” approach, blocking known mechanisms of code injection. Randomized instruction set emulation (RISE) is a complementary method of defense, one that performs a hidden randomization of an application's machine code. If foreign binary code is injected into a program running under RISE, it will not be executable because it will not know the proper randomization. The paper describes and analyzes RISE, describing a proof-of-concept implementation built on the open-source Valgrind IA32-to-IA32 translator. The prototype effectively disrupts binary code injection attacks, without requiring recompilation, linking, or access to application source code. Under RISE, injected code (attacks) essentially executes random code sequences. Empirical studies and a theoretical model are reported which treat the effects of executing random code on two different architectures (IA32 and PowerPC). The paper discusses possible extensions and applications of the RISE technique in other contexts.