Improving prediction for procedure returns with return-address-stack repair mechanisms
MICRO 31 Proceedings of the 31st annual ACM/IEEE international symposium on Microarchitecture
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
iWatcher: Efficient Architectural Support for Software Debugging
Proceedings of the 31st annual international symposium on Computer architecture
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
Using DISE to protect return addresses from attack
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Energy-security tradeoff in a secure cache architecture against buffer overflow attacks
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Characterizing antivirus workload execution
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Efficient and flexible architectural support for dynamic monitoring
ACM Transactions on Architecture and Code Optimization (TACO)
Proceedings of the 12th ACM conference on Computer and communications security
SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address
IEEE Transactions on Computers
Using Branch Correlation to Identify Infeasible Paths for Anomaly Detection
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Architecting security: a secure implementation of hardware buffer-overflow protection
ACST'07 Proceedings of the third conference on IASTED International Conference: Advances in Computer Science and Technology
Architectural support for run-time validation of program data properties
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
When good instructions go bad: generalizing return-oriented programming to RISC
Proceedings of the 15th ACM conference on Computer and communications security
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Return-oriented programming without returns
Proceedings of the 17th ACM conference on Computer and communications security
Hierarchical multi-agent protection system for NoC based MPSoCs
Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems
Enhancing network-on-chip components to support security of processing elements
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
G-Free: defeating return-oriented programming through gadget-less binaries
Proceedings of the 26th Annual Computer Security Applications Conference
Return-oriented rootkit without returns (on the x86)
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Artificial malware immunization based on dynamically assigned sense of self
ISC'10 Proceedings of the 13th international conference on Information security
Jump-oriented programming: a new class of code-reuse attack
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
ROPdefender: a detection tool to defend against return-oriented programming attacks
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Cruiser: concurrent heap buffer overflow monitoring using lock-free data structures
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Mitigating code-reuse attacks with control-flow locking
Proceedings of the 27th Annual Computer Security Applications Conference
Return-Oriented Programming: Systems, Languages, and Applications
ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
On the expressiveness of return-into-libc attacks
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
What if you can't trust your network card?
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Prevent kernel return-oriented programming attacks using hardware virtualization
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Branch regulation: low-overhead protection from code reuse attacks
Proceedings of the 39th Annual International Symposium on Computer Architecture
Jump oriented programming on windows platform (on the x86)
ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part III
Static secure page allocation for light-weight dynamic information flow tracking
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
A memory access validation scheme against payload injection attacks
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Gadge me if you can: secure and efficient ad-hoc instruction-level randomization for x86 and ARM
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Leveraging speculative architectures for runtime program validation
ACM Transactions on Embedded Computing Systems (TECS)
ASIST: architectural support for instruction set randomization
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Control flow integrity for COTS binaries
SEC'13 Proceedings of the 22nd USENIX conference on Security
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.01 |
Conventional Security have relied on overwriting the saved return pointer on the stack to hijack the path of execution. Under Sun Microsystem's Sparc processor architecture, we were able to implement a kernel modification to transparently and automatically guard application's return pointers. Our implementation called Stack Ghost Open-BSD 2.8 acts as a ghost in the machine. Stack-Ghost advances exploit prevention in that it protects every application run on the system without their knowledge nor does it require their source or binary modification. We will document several of the methods devised to preserve the sanctity of the system and will explore the performance ramifications of Stack Ghost.