[HTML][HTML] Diversification and obfuscation techniques for software security: A systematic literature review
Context: Diversification and obfuscation are promising techniques for securing software and
protecting computers from harmful malware. The goal of these techniques is not removing …
protecting computers from harmful malware. The goal of these techniques is not removing …
The multiple facets of software diversity: Recent developments in year 2000 and beyond
B Baudry, M Monperrus - ACM Computing Surveys (CSUR), 2015 - dl.acm.org
Early experiments with software diversity in the mid 1970s investigated N-version
programming and recovery blocks to increase the reliability of embedded systems. Four …
programming and recovery blocks to increase the reliability of embedded systems. Four …
Enhanced operating system security through efficient and fine-grained address space randomization
C Giuffrida, A Kuijsten, AS Tanenbaum - 21st USENIX Security …, 2012 - usenix.org
In recent years, the deployment of many application-level countermeasures against memory
errors and the increasing number of vulnerabilities discovered in the kernel has fostered a …
errors and the increasing number of vulnerabilities discovered in the kernel has fostered a …
It's a TRaP: Table randomization and protection against function-reuse attacks
Code-reuse attacks continue to evolve and remain a severe threat to modern software.
Recent research has proposed a variety of defenses with differing security, efficiency, and …
Recent research has proposed a variety of defenses with differing security, efficiency, and …
[PDF][PDF] How to Make ASLR Win the Clone Wars: Runtime Re-Randomization.
Existing techniques for memory randomization such as the widely explored Address Space
Layout Randomization (ASLR) perform a single, per-process randomization that is applied …
Layout Randomization (ASLR) perform a single, per-process randomization that is applied …
[PDF][PDF] Address Oblivious Code Reuse: On the Effectiveness of Leakage Resilient Diversity.
R Rudd, R Skowyra, D Bigelow, V Dedhia, T Hobson… - NDSS, 2017 - ndss-symposium.org
Memory corruption vulnerabilities not only allow modification of control data and injection of
malicious payloads; they also allow adversaries to reconnoiter a diversified program …
malicious payloads; they also allow adversaries to reconnoiter a diversified program …
Type inference on executables
J Caballero, Z Lin - ACM Computing Surveys (CSUR), 2016 - dl.acm.org
In many applications, source code and debugging symbols of a target program are not
available, and the only thing that we can access is the program executable. A fundamental …
available, and the only thing that we can access is the program executable. A fundamental …
Address space layout randomization next generation
H Marco-Gisbert, I Ripoll Ripoll - Applied Sciences, 2019 - mdpi.com
Systems that are built using low-power computationally-weak devices, which force
developers to favor performance over security; which jointly with its high connectivity …
developers to favor performance over security; which jointly with its high connectivity …
Layered obfuscation: a taxonomy of software obfuscation techniques for layered security
Software obfuscation has been developed for over 30 years. A problem always confusing
the communities is what security strength the technique can achieve. Nowadays, this …
the communities is what security strength the technique can achieve. Nowadays, this …
Security implications of memory deduplication in a virtualized environment
Memory deduplication has been widely used in various commodity hypervisors. By merging
identical memory contents, it allows more virtual machines to run concurrently on top of a …
identical memory contents, it allows more virtual machines to run concurrently on top of a …