References(30)
[2]
M. Tran, M. Etheridge, T. Bletsch, X. X. Jiang, V. Freeh, and P. Ning, On the expressiveness of return-into-libc attacks, in International Workshop on Recent Advances in Intrusion Detection, Berlin, Germany, 2011, pp. 121-141.
[3]
E. Buchanan, R. Roemer, H. Shacham, and S. Savage, When good instructions go bad: Generalizing return-oriented programming to RISC, in Proceedings of 15th ACM Conference on Computer and Communications Security (CCS’08), Alexandria, VA, USA, 2008, pp. 27-38.
[4]
H. Shacham, The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86), in Proceedings of 14th ACM Conference on Computer and Communications Security (CCS’07), Alexandria, VA, USA, 2007, pp. 552-561.
[5]
J. C. Tang, M. Xu, S. J. Fu, and K. Huang, A scheduling optimization technique based on reuse in spark to defend against APT attack, Tsinghua Science and Technology, vol. 23, no. 9, pp. 550-560, 2018.
[7]
L. Davi, A. R. Sadeghi, and M. Winandy, ROP defender: A detection tool to defend against return-oriented programming attacks, in Proceedings of 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, China, 2011, pp. 40-51.
[8]
V. Pappas, M. Polychronakis, and A. D. Keromytis, Transparent ROP exploit mitigation using indirect branch tracing, in Proceedings of 22nd USENIX Security Symposium (USENIX’13), Washington, DC, USA, 2013, pp. 447-462.
[9]
A. Bittau, A. Belay, A. Mashtizadeh, D. Mazières, and D. Boneh, Hacking blind, in Proceedings of 2014 IEEE Symposium on Security and Privacy (S&P 14), San Jose, CA, USA, 2014, pp. 227-242.
[10]
V. Kuznetsov, L. Szekeres, M. Payer, G. Candea, R. Sekar, and D. Song, Code-pointer integrity, in Proceedings of 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI’14), Broomfield, CO, USA, 2014, pp. 147-163.
[11]
H. Shacham, M. Page, B. Pfaff, E. J. Goh, N. Modadugu, and D. Boneh, On the effectiveness of address-space randomization, in Proceedings of 11th ACM Conference on Computer and Communications Security (CCS’04), Washington, DC, USA, 2004, pp. 298-307.
[12]
K. Z. Snow, F. Monrose, L. Davi, A. Dmitrienko, C. Liebchen, and A. R. Sadeghi, Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization, in Proceedings of 2013 IEEE Symposium on Security and Privacy (S&P’13), San Francisco, CA, USA, 2013, pp. 574-588.
[13]
K. J. Lu, C. Y. Song, B. Lee, S. P. Chung, T. Kim, and W. K. Lee, ASLR-Guard: Stopping address space leakage for code reuse attacks, in Proceedings of 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS’15), Denver, CO, USA, 2015, pp. 280-291.
[16]
O. Oleksenko, D. Kuvaiskii, P. Bhatotia, P. Felber, and C. Fetzer, Intel MPX explained: An empirical study of intel MPX and software-based bounds checking approaches, arXiv preprint arXiv:1702.00719, 2017.
[17]
Y. Chen, Z. Wang, D. Whalley, and L. Lu, Remix: On-demand live randomization, in Proceedings of 6th ACM Conference on Data and Application Security and Privacy (CODASPY’16), New Orleans, LA, USA, 2016, pp. 50-61.
[18]
L. Davi, C. Liebchen, A. R. Sadeghi, K. Z. Snow, and F. Monrose, Isomeron: Code randomization resilient to (just-in-time) return-oriented programming, presented at 2015 Network and Distributed System Security Symposium (NDSS’15), San Diego, CA, USA, 2015.
[19]
J. Hiser, A. Nguyen-Tuong, M. Co, M. Hall, and J. W. Davidson, ILR: Where’d my gadgets go? in Proceedings of 2012 IEEE Symposium on Security and Privacy (S&P’12), San Francisco, CA, USA, 2012, pp. 571-585.
[20]
C. Kil, J. Jun, C. Bookholt, J. Xu, and P. Ning, Address Space Layout Permutation (ASLP): Towards fine-grained randomization of commodity software, in Proceedings of 22nd Annual Computer Security Applications Conference (ACSAC’06), Miami, FL, USA, 2006, pp. 339-348.
[21]
K. J. Lu, W. K. Lee, S. Nürnberger, and M. Backes, How to make ASLR win the clone wars: Runtime re-randomization, Presented at the 2016 Network and Distributed System Security Symposium (NDSS’16), San Diego, CA, USA, 2016.
[22]
M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg, Meltdown, arXiv preprint arXiv:1801.01207, 2018.
[23]
P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom, Spectre attacks: Exploiting speculative execution, arXiv preprint arXiv:1801.01203, 2018.
[24]
C. Zhang, T. Wei, Z. F. Chen, L. Duan, L. Szekeres, S. McCamant, D. Song, and W. Zou, Practical control flow integrity and randomization for binary executables, in Proceedings of 2013 IEEE Symposium on Security and Privacy (S&P’13), San Francisco, CA, USA, 2013, pp. 559-573.
[25]
M. W. Zhang and R. Sekar, Control flow integrity for COTS binaries, in Proceedings of 22nd USENIX Security Symposium (USENIX’13), Washington, DC, USA, 2013, pp. 337-352.
[26]
E. Göktas, E. Athanasopoulos, H. Bos, and G. Portokalidis, Out of control: Overcoming control-flow integrity, in Proceedings of 2014 IEEE Symposium on Security and Privacy (S&P’14), San Jose, CA, USA, 2014, pp. 575-589.
[29]
S. Liang, Y. Zhang, B. Li, X. J. Guo, C. F. Jia, and Z. L. Liu, SecureWeb: Protecting sensitive information through the web browser extension with a security token, Tsinghua Science and Technology, vol. 23, no. 5, pp. 526-538, 2018.