Lift: A low-overhead practical information flow tracking system for detecting security attacks
Computer security is severely threatened by software vulnerabilities. Prior work shows that
information flow tracking (also referred to as taint analysis) is a promising technique to detect …
information flow tracking (also referred to as taint analysis) is a promising technique to detect …
[图书][B] Security engineering with patterns: origins, theoretical models, and new applications
M Schumacher - 2003 - books.google.com
For quite some time, in systems and software design, security only came as a second
thought or even as a nice-to-have add-on. However, since the breakthrough of the Internet …
thought or even as a nice-to-have add-on. However, since the breakthrough of the Internet …
[PDF][PDF] A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention.
J Wilander, M Kamkar - Ndss, 2003 - lass.cs.umass.edu
The size and complexity of software systems is growing, increasing the number of bugs.
Many of these bugs constitute security vulnerabilities. Most common of these bugs is the …
Many of these bugs constitute security vulnerabilities. Most common of these bugs is the …
RIPE: Runtime intrusion prevention evaluator
J Wilander, N Nikiforakis, Y Younan, M Kamkar… - Proceedings of the 27th …, 2011 - dl.acm.org
Despite the plethora of research done in code injection countermeasures, buffer overflows
still plague modern software. In 2003, Wilander and Kamkar published a comparative …
still plague modern software. In 2003, Wilander and Kamkar published a comparative …
SmashGuard: A hardware solution to prevent security attacks on the function return address
H Ozdoganoglu, TN Vijaykumar… - IEEE Transactions …, 2006 - ieeexplore.ieee.org
A buffer overflow attack is perhaps the most common attack used to compromise the security
of a host. This attack can be used to change the function return address and redirect …
of a host. This attack can be used to change the function return address and redirect …
Hardware and binary modification support for code pointer protection from buffer overflow
N Tuck, B Calder, G Varghese - 37th International Symposium …, 2004 - ieeexplore.ieee.org
Buffer overflow vulnerabilities are currently the most prevalent security vulnerability; they are
responsible for over half of the CERT advisories issued in the last three years. Since many …
responsible for over half of the CERT advisories issued in the last three years. Since many …
Automatic diagnosis and response to memory corruption vulnerabilities
J Xu, P Ning, C Kil, Y Zhai, C Bookholt - … of the 12th ACM conference on …, 2005 - dl.acm.org
Cyber attacks against networked computers have become relentless in recent years. The
most common attack method is to exploit memory corruption vulnerabilities such as buffer …
most common attack method is to exploit memory corruption vulnerabilities such as buffer …
Run-time Detection of Heap-based Overflows.
WK Robertson, C Kruegel, D Mutz, F Valeur - LISA, 2003 - usenix.org
Buffer overflows belong to the most common class of attacks on today's Internet. Although
stack-based variants are still by far more frequent and well-understood, heap-based …
stack-based variants are still by far more frequent and well-understood, heap-based …
GHUMVEE: efficient, effective, and flexible replication
S Volckaert, B De Sutter, T De Baets… - … and Practice of Security …, 2013 - Springer
We present GHUMVEE, a multi-variant execution engine for software intrusion detection.
GHUMVEE transparently executes and monitors diversified replicae of processes to thwart …
GHUMVEE transparently executes and monitors diversified replicae of processes to thwart …
Towards efficient heap overflow discovery
Heap overflow is a prevalent memory corruption vulnerability, playing an important role in
recent attacks. Finding such vulnerabilities in applications is thus critical for security. Many …
recent attacks. Finding such vulnerabilities in applications is thus critical for security. Many …