Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software. Designing practical and effective defenses against code-reuse attacks is …
A method is introduced for detecting intrusions at the level of privileged processes. Evidence is given that short sequences of system calls executed by running processes are a good …
R Wartell, V Mohan, KW Hamlen, Z Lin - … of the 2012 ACM conference on …, 2012 - dl.acm.org
Unlike library code, whose instruction addresses can be randomized by address space layout randomization (ASLR), application binary code often has static instruction addresses …
Code obfuscation is widely used by software developers to protect intellectual property, and malware writers to hamper program analysis. However, there seems to be little work on …
The wide adoption of non-executable page protections in recent versions of popular operating systems has given rise to attacks that employ return-oriented programming (ROP) …
Address-space randomization is a technique used to fortify systems against buffer overflow attacks. The idea is to introduce artificial diversity by randomizing the memory location of …
SA Hofmeyr, S Forrest - Evolutionary computation, 2000 - ieeexplore.ieee.org
An artificial immune system (ARTIS) is described which incorporates many properties of natural immune systems, including diversity, distributed computation, error tolerance …
We describe a new, general approach for safeguarding systems against any type of code- injection attack. We apply Kerckhoff's principle, by creating process-specific randomized …
S Chow, P Eisen, H Johnson… - Selected Areas in …, 2003 - Springer
Conventional software implementations of cryptographic algorithms are totally insecure where a hostile user may control the execution environment, or where co-located with …