Unlike library code, whose instruction addresses can be randomized by address space layout randomization (ASLR), application binary code often has static instruction addresses. Attackers can exploit this limitation to craft robust shell codes for such applications, as demonstrated by a recent attack that reuses instruction gadgets from the static binary code of victim applications. This paper introduces binary stirring, a new technique that imbues x86 native code with the ability to self-randomize its instruction addresses each time it is launched. The input to STIR is only the application binary code without any source code, debug symbols, or relocation information. The output is a new binary whose basic block addresses are dynamically det...
Abstract—Through randomization of the memory space and the confinement of code to non-data pages, co...
Abstract. Address Space Layout Randomization (ASLR) is a widely used technique for the prevention of...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Injecting binary code into a running program is a common form of attack. Most defenses employ a “gua...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Code reuse attacks such as return-oriented programming are one of the most powerful threats to conte...
Software that is in use and under development today still contains as many bugs as ever. These bugs ...
Code injection attacks are a top threat to today's Internet. With zero-day attacks on the rise,...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Buffer overflow and heap overflow injection attacks have been studied for some time. Recent techniqu...
Summarization: Instruction Set Randomization (ISR) is able to protect against remote code injection ...
Attacks which exploit memory programming errors (such as buffer overflows) are ...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Abstract—Fine-grained address space layout randomization (ASLR) has recently been proposed as a meth...
Many modern defenses rely on address space layout randomization (ASLR) to efficiently hide security-...