We describe a new, general approach for safeguarding systems against any type of code- injection attack. We apply Kerckhoff's principle, by creating process-specific randomized …
S Bhatkar, DC DuVarney, R Sekar - 12th USENIX Security Symposium …, 2003 - usenix.org
Attacks which exploit memory programming errors (such as buffer overflows) are one of today's most serious security threats. These attacks require an attacker to have an in-depth …
C Cowan, S Beattie, J Johansen, P Wagle - 12th USENIX Security …, 2003 - usenix.org
Despite numerous security technologies crafted to resist buffer overflow vulnerabilities, buffer overflows continue to be the dominant form of software security vulnerability. This is …
To understand the threat posed by computer worms, it is necessary to understand the classes of worms, the attackers who may employ them, and the potential payloads. This …
T Hoare - Journal of the ACM (JACM), 2003 - dl.acm.org
This contribution proposes a set of criteria that distinguish a grand challenge in science or engineering from the many other kinds of short-term or long-term research problems that …
J Wilander, M Kamkar - Ndss, 2003 - lass.cs.umass.edu
The size and complexity of software systems is growing, increasing the number of bugs. Many of these bugs constitute security vulnerabilities. Most common of these bugs is the …
M Fähndrich, KRM Leino - Proceedings of the 18th annual ACM …, 2003 - dl.acm.org
Distinguishing non-null references from possibly-null references at the type level can detect null-related errors in object-oriented programs at compile-time. This paper gives a proposal …
J Condit, M Harren, S McPeak, GC Necula… - ACM SIGPLAN …, 2003 - dl.acm.org
CCured is a program transformation system that adds memory safety guarantees to C programs by verifying statically that memory errors cannot occur and by inserting run-time …
N Spring - 4th USENIX Symposium on Internet Technologies and …, 2003 - usenix.org
We present Scriptroute, a system that allows ordinary Internet users to conduct network measurements from remote vantage points. We seek to combine the flexibility found in …