Adding run-time checking to the portable C compiler
Software—Practice & Experience
Symbolic bounds analysis of pointers, array indices, and accessed memory regions
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ATEC '02 Proceedings of the General Track of the annual conference on USENIX Annual Technical Conference
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
Protection of Software-Based Survivability Mechanisms
DSN '01 Proceedings of the 2001 International Conference on Dependable Systems and Networks (formerly: FTCS)
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Breaking Abstractions and Unstructuring Data Structures
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
RAD: A Compile-Time Solution to Buffer Overflow Attacks
ICDCS '01 Proceedings of the The 21st International Conference on Distributed Computing Systems
Statically detecting likely buffer overflow vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
SELF: a transparent security extension for ELF binaries
Proceedings of the 2003 workshop on New security paradigms
Review and analysis of synthetic diversity for breaking monocultures
Proceedings of the 2004 ACM workshop on Rapid malcode
An efficient and backwards-compatible transformation to ensure memory safety of C programs
Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
How to Win and Evolutionary Arms Race
IEEE Security and Privacy
An architecture a day keeps the hacker away
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Using instruction block signatures to counter code injection attacks
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Fast and automated generation of attack signatures: a basis for building self-protecting servers
Proceedings of the 12th ACM conference on Computer and communications security
Automatic diagnosis and response to memory corruption vulnerabilities
Proceedings of the 12th ACM conference on Computer and communications security
Proceedings of the 12th ACM conference on Computer and communications security
Defending against hitlist worms using network address space randomization
Proceedings of the 2005 ACM workshop on Rapid malcode
Countering Network Worms Through Automatic Patch Generation
IEEE Security and Privacy
IEEE Transactions on Computers
Design space and analysis of worm defense strategies
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
DieHard: probabilistic memory safety for unsafe languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Improving address space randomization with a dynamic offset randomization technique
Proceedings of the 2006 ACM symposium on Applied computing
Diversity as a computer defense mechanism
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address
IEEE Transactions on Computers
Exploit hijacking: side effects of smart defenses
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Comprehensively and efficiently protecting the heap
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Proteus: virtualization for diversified tamper-resistance
Proceedings of the ACM workshop on Digital rights management
Scalable network-based buffer overflow attack detection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Secure Bit: Transparent, Hardware Buffer-Overflow Protection
IEEE Transactions on Dependable and Secure Computing
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
A framework for diversifying windows native APIs to tolerate code injection attacks
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Exterminator: automatically correcting memory errors with high probability
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
On gray-box program tracking for anomaly detection
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Fixing races for fun and profit: how to use access(2)
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Protecting against unexpected system calls
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Efficient techniques for comprehensive protection from memory error exploits
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Defending against hitlist worms using network address space randomization
Computer Networks: The International Journal of Computer and Telecommunications Networking
Sweeper: a lightweight end-to-end system for defending against fast worms
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
IEEE Pervasive Computing
Renovo: a hidden code extractor for packed executables
Proceedings of the 2007 ACM workshop on Recurring malcode
On the infeasibility of modeling polymorphic shellcode
Proceedings of the 14th ACM conference on Computer and communications security
Information Security Tech. Report
Towards self-propagate mal-packets in sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Eudaemon: involuntary and on-demand emulation against zero-day exploits
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Diverse replication for single-machine Byzantine-fault tolerance
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
The FOREVER service for fault/intrusion removal
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Static Analysis on x86 Executables for Preventing Automatic Mimicry Attacks
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
FormatShield: A Binary Rewriting Defense against Format String Attacks
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Instruction-level countermeasures against stack-based buffer overflow attacks
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
Proceedings of the 4th ACM European conference on Computer systems
Breaking the memory secrecy assumption
Proceedings of the Second European Workshop on System Security
MEDS: The Memory Error Detection System
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
POTSHARDS—a secure, recoverable, long-term archival storage system
ACM Transactions on Storage (TOS)
Address-space layout randomization using code islands
Journal of Computer Security - Best papers of the Sec Track at the 2006 ACM Symposium
Polymorphing Software by Randomizing Data Structure Layout
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Proceedings of the 2008 workshop on New security paradigms
Proceedings of the 2008 workshop on New security paradigms
The future of biologically-inspired security: is there anything left to learn?
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Filter-resistant code injection on ARM
Proceedings of the 16th ACM conference on Computer and communications security
Proactive Fortification of Fault-Tolerant Services
OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
Orthrus: efficient software integrity protection on multi-cores
Proceedings of the fifteenth edition of ASPLOS on Architectural support for programming languages and operating systems
Proceedings of the 2010 Workshop on Interaction between Compilers and Computer Architecture
Efficient code diversification for network reprogramming in sensor networks
Proceedings of the third ACM conference on Wireless network security
PAriCheck: an efficient pointer arithmetic checker for C programs
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A novel approach against the system buffer overflow
International Journal of Internet Technology and Secured Transactions
ACM Transactions on Computer Systems (TOCS)
Malicious shellcode detection with virtual memory snapshots
INFOCOM'10 Proceedings of the 29th conference on Information communications
Independence from obfuscation: A semantic framework for diversity
Journal of Computer Security
Using Pit to improve security in low-level programs
The Journal of Supercomputing
On the effectiveness of multi-variant program execution for vulnerability detection and prevention
Proceedings of the 6th International Workshop on Security Measurements and Metrics
Pushing boulders uphill: the difficulty of network intrusion recovery
LISA'09 Proceedings of the 23rd conference on Large installation system administration
NOZZLE: a defense against heap-spraying code injection attacks
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
HSP: A solution against heap sprays
Journal of Systems and Software
Proceedings of the 17th ACM conference on Computer and communications security
Proceedings of the FSE/SDP workshop on Future of software engineering research
Fast and practical instruction-set randomization for commodity systems
Proceedings of the 26th Annual Computer Security Applications Conference
Heap Taichi: exploiting memory allocation granularity in heap-spraying attacks
Proceedings of the 26th Annual Computer Security Applications Conference
Taxonomy and classification of automatic monitoring of program security vulnerability exploitations
Journal of Systems and Software
Embedded firmware diversity for smart electric meters
HotSec'10 Proceedings of the 5th USENIX conference on Hot topics in security
Efficient detection of the return-oriented programming malicious code
ICISS'10 Proceedings of the 6th international conference on Information systems security
ValueGuard: protection of native applications against data-only buffer overflows
ICISS'10 Proceedings of the 6th international conference on Information systems security
Misleading malware similarities analysis by automatic data structure obfuscation
ISC'10 Proceedings of the 13th international conference on Information security
Fine-grained user-space security through virtualization
Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Jump-oriented programming: a new class of code-reuse attack
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Application communities: using monoculture for dependability
HotDep'05 Proceedings of the First conference on Hot topics in system dependability
Cruiser: concurrent heap buffer overflow monitoring using lock-free data structures
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Address space randomization for mobile devices
Proceedings of the fourth ACM conference on Wireless network security
Enforcing executing-implies-verified with the integrity-aware processor
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Code pointer masking: hardening applications against code injection attacks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Filter-resistant code injection on ARM
Journal in Computer Virology
Mobile Agent Protection with Self-Modifying Code
Journal of Signal Processing Systems
Revisiting address space randomization
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
SimFuzz: Test case similarity directed deep fuzzing
Journal of Systems and Software
Proceedings of the 4th international conference on Security of information and networks
Mitigating code-reuse attacks with control-flow locking
Proceedings of the 27th Annual Computer Security Applications Conference
Efficient protection against heap-based buffer overflows without resorting to magic
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Network–Level polymorphic shellcode detection using emulation
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
An efficient pointer protection scheme to defend buffer overflow attacks
PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
FLIPS: hybrid adaptive intrusion prevention
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
On random-inspection-based intrusion detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Anomalous payload-based worm detection and signature generation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
SafeCard: a gigabit IPS on the network card
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
TAO: protecting against hitlist worms using transparent address obfuscation
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Hardware stack design: towards an effective defence against frame pointer overwrite attacks
IWSEC'06 Proceedings of the 1st international conference on Security
BuBBle: a javascript engine level countermeasure against heap-spraying attacks
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Efficient and effective buffer overflow protection on ARM processors
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Minemu: the world's fastest taint tracker
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Dymo: tracking dynamic code identity
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Packed, printable, and polymorphic return-oriented programming
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
On Protection by Layout Randomization
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the Tenth International Symposium on Code Generation and Optimization
Stack layout transformation: towards diversity for securing binary programs
Proceedings of the 34th International Conference on Software Engineering
HotPar'12 Proceedings of the 4th USENIX conference on Hot Topics in Parallelism
Body armor for binaries: preventing buffer overflows without recompilation
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Recent developments in low-level software security
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Enhanced operating system security through efficient and fine-grained address space randomization
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Binary stirring: self-randomizing instruction addresses of legacy x86 binary code
Proceedings of the 2012 ACM conference on Computer and communications security
Marlin: making it harder to fish for gadgets
Proceedings of the 2012 ACM conference on Computer and communications security
OS-Sommelier: memory-only operating system fingerprinting in the cloud
Proceedings of the Third ACM Symposium on Cloud Computing
Feedback-driven binary code diversification
ACM Transactions on Architecture and Code Optimization (TACO) - Special Issue on High-Performance Embedded Architectures and Compilers
Learning fine-grained structured input for memory corruption detection
ISC'12 Proceedings of the 15th international conference on Information Security
There is safety in numbers: preventing control-flow hijacking by duplication
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Down to the bare metal: using processor features for binary analysis
Proceedings of the 28th Annual Computer Security Applications Conference
String oriented programming: when ASLR is not enough
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
Improving Memory Management Security for C and C++
International Journal of Secure Software Engineering
STABILIZER: statistically sound performance evaluation
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Composing OS extensions safely and efficiently with Bascule
Proceedings of the 8th ACM European Conference on Computer Systems
CPM: Masking Code Pointers to Prevent Code Injection Attacks
ACM Transactions on Information and System Security (TISSEC)
ASIST: architectural support for instruction set randomization
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
HeapSentry: kernel-assisted protection against heap overflows
DIMVA'13 Proceedings of the 10th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Control flow integrity for COTS binaries
SEC'13 Proceedings of the 22nd USENIX conference on Security
Transparent ROP exploit mitigation using indirect branch tracing
SEC'13 Proceedings of the 22nd USENIX conference on Security
ARMORY: An automatic security testing tool for buffer overflow defect detection
Computers and Electrical Engineering
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 4th ACM conference on Data and application security and privacy
A distributed framework for demand-driven software vulnerability detection
Journal of Systems and Software
Hi-index | 0.02 |
Attacks which exploit memory programming errors (such as buffer overflows) are one of today's most serious security threats. These attacks require an attacker to have an in-depth understanding of the internal details of a victim program, including the locations of critical data and/or code. Program obfuscation is a general technique for securing programs by making it difficult for attackers to acquire such a detailed understanding. This paper develops a systematic study of a particular kind of obfuscation called address obfuscation that randomizes the location of victim program data and code. We discuss different implementation strategies to randomize the absolute locations of data and code, as well as relative distances between data locations. We then present our implementation that transforms object files and executables at link-time and load-time. It requires no changes to the OS kernel or compilers, and can be applied to individual applications without affecting the rest of the system. It can be implemented with low runtime overheads. Address obfuscation can reduce the probability of successful attacks to be as low as a small fraction of a percent for most memory-error related attacks. Moreover, the randomization ensures that an attack that succeeds against one victim will likely not succeed against another victim, or even for a second time against the same victim. Each failed attempt will typically crash the victim program, thereby making it easy to detect attack attempts. These aspects make it particularly effective against large-scale attacks such as Code Red, since each infection attempt requires significantly more resources, thereby slowing down the propagation rate of such attacks.