Code-reuse attacks, including return-oriented programming (ROP) and jump-oriented programming, bypass defenses against code injection by repurposing existing executable code in application binaries and shared libraries toward a malicious end. A common feature of these attacks is the reliance on the knowledge of the layout of the executable code. We propose a fine grained randomization based approach that modifies the layout of executable code and hinders code-reuse attack. Our solution consists solely of a modified dynamic loader that randomizes the internal structure of the executable code, thereby denying the attacker the necessary apriori knowledge for constructing the desired sequence of gadgets. Our approach has the advantage that it c...
Address-space layout randomization is a wellestablished defense against code-reuse attacks. However,...
Abstract—Since the day it was proposed, return-oriented programming has shown to be an effective and...
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Abstract—The wide adoption of non-executable page protec-tions in recent versions of popular operati...
The wide adoption of non-executable page protections in recent versions of popular operating systems...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Code-reuse attacks continue to evolve and remain a severe threat to modern software. Recent research...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Address-space layout randomization is a wellestablished defense against code-reuse attacks. However,...
Abstract—Since the day it was proposed, return-oriented programming has shown to be an effective and...
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Until recently, it was widely believed that code randomization (such as fine-grained ASLR) can effec...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Abstract—The wide adoption of non-executable page protec-tions in recent versions of popular operati...
The wide adoption of non-executable page protections in recent versions of popular operating systems...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Fine-grained address space layout randomization (ASLR) has recently been proposed as a method of eff...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Code-reuse attacks continue to evolve and remain a severe threat to modern software. Recent research...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Address-space layout randomization is a wellestablished defense against code-reuse attacks. However,...
Abstract—Since the day it was proposed, return-oriented programming has shown to be an effective and...
Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malic...