Bochs: A Portable PC Emulator for Unix/X
Linux Journal
Enabling trusted software integrity
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Retargetable and reconfigurable software dynamic translation
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Safe Virtual Execution Using Software Dynamic Translation
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Strata: A Software Dynamic Translation Infrastructure
Strata: A Software Dynamic Translation Infrastructure
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Compact Binaries with Code Compression in a Software Dynamic Translator
Proceedings of the conference on Design, automation and test in Europe - Volume 2
Link-time optimization of ARM binaries
Proceedings of the 2004 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns
IEEE Security and Privacy
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
Using instruction block signatures to counter code injection attacks
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Detection and prevention of stack buffer overflow attacks
Communications of the ACM
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Where's the FEEB? the effectiveness of instruction set randomization
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Automated adaptive intrusion containment in systems of interacting services
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Survey of Approaches to Adaptive Application Security
SEAMS '07 Proceedings of the 2007 International Workshop on Software Engineering for Adaptive and Self-Managing Systems
Addressing the challenges of DBT for the ARM architecture
Proceedings of the 2009 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems
Using program metadata to support SDT in object-oriented applications
Proceedings of the 4th workshop on the Implementation, Compilation, Optimization of Object-Oriented Languages and Programming Systems
DBT path selection for holistic memory efficiency and performance
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Reducing exit stub memory consumption in code caches
HiPEAC'07 Proceedings of the 2nd international conference on High performance embedded architectures and compilers
Metaman: system-wide metadata management
Proceedings of the Workshop on Binary Instrumentation and Applications
On the effectiveness of the metamorphic shield
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
The case for software evolution
Proceedings of the FSE/SDP workshop on Future of software engineering research
Fast and practical instruction-set randomization for commodity systems
Proceedings of the 26th Annual Computer Security Applications Conference
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
PEASOUP: preventing exploits against software of uncertain provenance (position paper)
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
International Journal of Automation and Computing
Replacement attacks against VM-protected applications
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Dependable and Historic Computing
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
Memory optimization of dynamic binary translators for embedded systems
ACM Transactions on Architecture and Code Optimization (TACO)
Enhanced operating system security through efficient and fine-grained address space randomization
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Enabling dynamic binary translation in embedded systems with scratchpad memory
ACM Transactions on Embedded Computing Systems (TECS)
ASIST: architectural support for instruction set randomization
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
One of the most common forms of security attacks involves exploiting a vulnerability to inject malicious code into an executing application and then cause the injected code to be executed. A theoretically strong approach to defending against any type of code-injection attack is to create and use a process-specific instruction set that is created by a randomization algorithm. Code injected by an attacker who does not know the randomization key will be invalid for the randomized processor effectively thwarting the attack. This paper describes a secure and efficient implementation of instruction-set randomization (ISR) using software dynamic translation. The paper makes three contributions beyond previous work on ISR. First, we describe an implementation that uses a strong cipher algorithm--the Advanced Encryption Standard (AES), to perform randomization. AES is generally believed to be impervious to known attack methodologies. Second, we demonstrate that ISR using AES can be implemented practically and efficiently (considering both execution time and code size overheads) without requiring special hardware support. The third contribution is that our approach detects malicious code before it is executed. Previous approaches relied on probabilistic arguments that execution of non-randomized foreign code would eventually cause a fault or runtime exception.