45 results for "ASLR"
Search Results
2. A compact tri-band bandpass filter using asymmetrical stub-loaded resonator.
- Author
- Li, Dawei, Zhou, Yang, Chen, Shaoping, and Wu, Yueyang
- Subjects
- WIRELESS LANs, BANDPASS filters, RESONATORS, WIRELESS communications
- Abstract
This paper proposes a novel compact tri-band bandpass filter based on two coupled asymmetrical stub-loaded resonators (ASLR). The proposed filter can achieve three resonant frequencies by tuning the uniform impedance line, the short-circuit stub, and the open-circuit stub, respectively. In addition, the asymmetrical stub can be loaded at any position of the main branch, which facilitates circuit design since no impedance of a special ratio is needed, and the design bound can be alleviated. Meanwhile, thanks to its simple structure, the whole filter occupies an area of 0.021 λg² on an RO4350B substrate, much smaller than other similar tri-band filters. Measurement results show that the filter achieves fractional bandwidths (FBW) of 7.5%, 6.4% and 4.2%, respectively, for the three bands. The proposed filter is small and achieves high frequency selectivity at 2.45 GHz, 3.5 GHz and 5.25 GHz, corresponding to Bluetooth, Worldwide Interoperability for Microwave Access (WiMAX) and Wireless Local Area Network (WLAN), respectively. The proposed filter will find wide application in wireless communications thanks to these attractive advantages. [ABSTRACT FROM AUTHOR]
- Published
- 2024
3. fASLR: Function-Based ASLR for Resource-Constrained IoT Systems
- Author
- Shao, Xinhui, Luo, Lan, Ling, Zhen, Yan, Huaiyu, Wei, Yumeng, Fu, Xinwen, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Atluri, Vijayalakshmi, editor, Di Pietro, Roberto, editor, Jensen, Christian D., editor, and Meng, Weizhi, editor
- Published
- 2022
4. Analysis of Firmware Security Mechanisms
- Author
- Ravindrababu, Sandeep Gogineni, Venugopal, Varsha, Alves-Foss, Jim, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Nagar, Atulya K., editor, Jat, Dharm Singh, editor, Marín-Raventós, Gabriela, editor, and Mishra, Durgesh Kumar, editor
- Published
- 2022
5. A review paper on hacking blind
- Author
- Chawla, Chanchal
- Published
- 2021
6. ASLR: How Robust is the Randomness?
- Author
- Ganz, Jonathan and Peisert, Sean
- Subjects
- ASLR, address space layout randomization, buffer overflow, protection mechanisms, vulnerability, security experiment, experiment
- Abstract
This paper examines the security provided by different implementations of Address Space Layout Randomization (ASLR). ASLR is a security mechanism that increases control-flow integrity by making it more difficult for an attacker to properly execute a buffer-overflow attack, even in systems with vulnerable software. The strength of ASLR lies in the randomness of the offsets it produces in memory layouts. We compare multiple operating systems, each compiled for two different hardware architectures, and measure the amount of entropy provided to a vulnerable application. Our paper is the first publication that we are aware of that quantitatively compares the entropy of different ASLR implementations. In addition, we provide a method for remotely assessing the efficacy of a particular security feature on systems that are otherwise unavailable for analysis, and highlight the need for independent evaluation of security mechanisms.
- Published
- 2017
7. A Survey of Code Reuse Attack and Defense
- Author
- Luo, Bingbing, Yang, Yimin, Zhang, Changhe, Wang, Yi, Zhang, Baoying, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Xhafa, Fatos, editor, Patnaik, Srikanta, editor, and Tavana, Madjid, editor
- Published
- 2019
8. A Modern Approach for Sign Language Interpretation Using Convolutional Neural Network
- Author
- Paul, Pias, Bhuiya, Moh. Anwar-Ul-Azim, Ullah, Md. Ayat, Saqib, Molla Nazmus, Mohammed, Nabeel, Momen, Sifat, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Nayak, Abhaya C., editor, and Sharma, Alok, editor
- Published
- 2019
9. Identifying memory address disclosures
- Author
- North, John
- Subjects
- 600, disclosures, memory address, ASLR, vulnerability, stack cookies, ROP
- Abstract
Software is still being produced and used that is vulnerable to exploitation. As well as being in devices in the homes of many people around the world, programs with these vulnerabilities are maintaining life-critical systems such as power stations, aircraft and medical devices and are managing the creation and distribution of billions of pounds every year. These systems are actively being exploited by governments, criminals and opportunists and have led to loss of life and loss of wealth. This dependence on software that is vulnerable to exploitation has led to a society with tangible concerns over cyber-crime, cyber-terrorism and cyber-warfare. As well as attempts to eliminate these vulnerabilities, techniques have been developed to mitigate their effects; these prophylactic techniques do not eliminate the vulnerabilities but make them harder to exploit. As software exploitation is an ever-evolving battle between attackers and defenders, identifying methods to bypass these mitigations has become a new battlefield in this struggle, and the techniques used to do this require vulnerabilities of their own. As many of the mitigation techniques depend upon secrecy of one form or another, vulnerabilities that allow an attacker to view those secrets are now of importance to attackers and defenders. Leaking the contents of computer memory has always been considered a vulnerability, but until recently it has not typically been considered a serious one. As it can be used to bypass key mitigation techniques, these vulnerabilities are now considered critical to preventing whole classes of software exploitation. This thesis is about detecting these types of leaks and the information they disclose. It discusses the importance of these disclosures, both currently and in the future. It then introduces the first published technique able to reliably identify specific classes of these leaks, particularly address disclosures and canary disclosures. The technique is tested against a series of applications, across multiple operating systems, using both artificial examples and software that is critical, commonplace and complex.
- Published
- 2015
10. A Survey of Research on Runtime Rerandomization Under Memory Disclosure
- Author
- Zhidong Shen and Weiying Chen
- Subjects
- Runtime rerandomization, memory disclosure, code-reuse attack, ASLR, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
- Abstract
In current software environments, code injection attacks are better defended against. This has forced attackers to use code that already exists in memory to construct code-reuse attacks, making code-reuse attacks the focal point of the new round of offensive and defensive games. As an important defense against attacks based on address space layout, code randomization technology effectively defends against code-reuse attacks by randomizing the memory address space. The ASLR proposed by the PaX team is now used by most operating systems. However, due to memory disclosure, the security premise of code randomization has been broken. Therefore, in order to effectively defend against code-reuse attacks, current code randomization technology needs to improve its ability to resist memory disclosure. This paper mainly discusses current randomization schemes in the context of memory disclosure and summarizes the future development direction of code randomization technology.
- Published
- 2019
11. Fine-grained address space layout randomization on program load
- Author
- A. R. Nurmukhametov, E. A. Zhabotinskiy, Sh. F. Kurmangaleev, S. S. Gaissaryan, and A. V. Vishnyakov
- Subjects
- address space randomization, diversification, aslr, rop, Electronic computers. Computer science, QA75.5-76.95
- Abstract
Program vulnerabilities are a serious security threat. It is important to develop defenses preventing their exploitation, especially with the rapid increase of ROP attacks. State-of-the-art defenses have drawbacks that can be used by attackers. In this paper we propose fine-grained address space layout randomization on program load that is able to protect from such attacks. During the static linking stage, executable and library files are supplemented with information about function boundaries and relocations. The system dynamic linker/loader uses this information to perform function permutation. The proposed method was implemented for 64-bit programs on the CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks based on two metrics: the number of surviving gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has shown 1.5% time overhead. The working capacity of the proposed approach was demonstrated on real programs. Further research can cover forking randomization and finer granularity than the function level. It also makes sense to implement randomization of the placement of short functions, taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs.
- Published
- 2018
12. ASLR and ROP Attack Mitigations for ARM-Based Android Devices
- Author
- Parikh, Vivek, Mateti, Prabhaker, Barbosa, Simone Diniz Junqueira, Series editor, Chen, Phoebe, Series editor, Filipe, Joaquim, Series editor, Kotenko, Igor, Series editor, Sivalingam, Krishna M., Series editor, Washio, Takashi, Series editor, Yuan, Junsong, Series editor, Zhou, Lizhu, Series editor, Thampi, Sabu M., editor, Martínez Pérez, Gregorio, editor, Westphall, Carlos Becker, editor, Hu, Jiankun, editor, Fan, Chun I., editor, and Gómez Mármol, Félix, editor
- Published
- 2017
13. Blender: Self-randomizing Address Space Layout for Android Apps
- Author
- Sun, Mingshen, Lui, John C. S., Zhou, Yajin, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Monrose, Fabian, editor, Dacier, Marc, editor, Blanc, Gregory, editor, and Garcia-Alfaro, Joaquin, editor
- Published
- 2016
14. Towards Dynamic Software Diversity for Resilient Redundant Embedded Systems
- Author
- Höller, Andrea, Rauter, Tobias, Iber, Johannes, Kreiner, Christian, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Fantechi, Alessandro, editor, and Pelliccione, Patrizio, editor
- Published
- 2015
15. Mitigating Return Oriented Programming.
- Author
- Speakman, Lee, Eze, Thaddeus, Baker, David, and Wairimu, Samuel
- Abstract
Code-reuse attack techniques, such as Return Oriented Programming (ROP), pose a significant threat to modern day systems as they are able to circumvent both traditional and more modern protection mechanisms such as antivirus, antimalware, Address Space Layout Randomisation (ASLR) and W⊕X/Data Execution Prevention (DEP). IT companies are actively researching ways in which ROP attacks can be mitigated, emphasising the importance of research in this area. Various defence mechanisms have been designed and developed to attempt to prevent ROP attacks; however, vulnerabilities still exist, and some attacks are still able to bypass these. This paper proposes a solution, ROPMit, that successfully mitigates ROP attacks without the caveats of other current research. ROPMit is a collection of base techniques that detects function boundaries and randomises the memory layout at the function level to mitigate ROP, even when an info-leak that reveals the address of part of the code section is present. ROPMit is implemented and tested on 32-bit Linux binaries compiled with gcc. Testing is done on a binary with an info-leak and a buffer overflow vulnerability on the call stack. A ROP attack attempts to call gadgets in the binary but is blocked by ROPMit with high likelihood. The likelihood of blocking an attack is proportional to the factorial of the number of functions present in the binary. [ABSTRACT FROM AUTHOR]
- Published
- 2019
16. eavesROP: Listening for ROP Payloads in Data Streams
- Author
- Jämthagen, Christopher, Karlsson, Linus, Stankovski, Paul, Hell, Martin, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Chow, Sherman S. M., editor, Camenisch, Jan, editor, Hui, Lucas C. K., editor, and Yiu, Siu Ming, editor
- Published
- 2014
17. Advanced Features, Schema Migration
- Author
- Soukup, Jiri, Lokanath, Raj, Soukup, Martin, Soukup, Jiri, and Macháček, Petr
- Published
- 2014
18. A Review of Memory Errors Exploitation in x86-64
- Author
- Conor Pirry, Hector Marco-Gisbert, and Carolyn Begg
- Subjects
- memory errors, x86-64, stack buffer overflows, SSP, ASLR, NX, Electronic computers. Computer science, QA75.5-76.95
- Abstract
Memory errors are still a serious threat affecting millions of devices worldwide. Recently, bounty programs have reached a new record, paying up to USD 2.5 million for one single vulnerability in Android and up to USD 2 million for Apple's operating system. In almost all cases, memory errors are exploited in one or more stages to fully compromise those devices. In this paper, we review and discuss the importance of memory error vulnerabilities, and more specifically stack buffer overflows, to provide a full view of how memory errors are exploited. We identify the root causes that make those attacks possible on the modern x86-64 architecture in the presence of modern protection techniques. We have analyzed how unsafe library functions are prone to buffer overflows, revealing that although there are secure versions of those functions, they do not actually prevent buffer overflows from happening. Using secure functions does not result in software free from vulnerabilities, and it requires developers to be security-aware. To overcome this problem, we discuss the three main security protection techniques present in all modern operating systems: the non-eXecutable bit (NX), the Stack Smashing Protector (SSP) and Address Space Layout Randomization (ASLR). After discussing their effectiveness, we conclude that although they provide a strong level of protection against classical exploitation techniques, modern attacks can bypass them.
- Published
- 2020
19. Fine-Grained Address Space Layout Randomization on Program Load.
- Author
- Nurmukhametov, A. R., Zhabotinskiy, E. A., Kurmangaleev, Sh. F., Gaissaryan, S. S., and Vishnyakov, A. V.
- Subjects
- COMPUTER programming management, SOFTWARE protection, RANDOMIZATION (Statistics), COMPUTER operating systems, LOADERS (Computer programs)
- Abstract
Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms preventing their exploitation, especially with the rapid increase of ROP attacks. State-of-the-art protection mechanisms have drawbacks that can be used by attackers. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect from such attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. The system dynamic linker/loader uses this information to perform permutation of functions. The proposed method was implemented for 64-bit programs on the CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks evaluated by two metrics: the number of surviving gadgets and the exploitability estimation of ROP chain examples. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting program performance. The working capacity of the proposed approach was demonstrated on real programs. Further research can cover forking randomization and finer granularity than the function level. It also makes sense to implement randomization of the placement of short functions, taking into account the relationships between them. The close arrangement of functions that often call each other can improve the performance of individual programs. [ABSTRACT FROM AUTHOR]
- Published
- 2018
20. Quantitative Metrics and Measurement Methodologies for System Security Assurance
- Author
- Ahmed, Md Salman
- Abstract
Proactive approaches for preventing attacks through security measurements are crucial for preventing sophisticated attacks. However, proactive measures must employ qualitative security metrics and systemic measurement methodologies to assess security guarantees, as some metrics (e.g., entropy) used for evaluating security guarantees may not capture the capabilities of advanced attackers. Also, many proactive measures (e.g., data pointer protection or data flow integrity) suffer performance bottlenecks. This dissertation identifies and represents attack vectors as metrics using the knowledge from advanced exploits and demonstrates the effectiveness of the metrics by quantifying attack surface and enabling ways to tune performance vs. security of existing defenses by identifying and prioritizing key attack vectors for protection. We measure attack surface by quantifying the impact of fine-grained Address Space Layout Randomization (ASLR) on code reuse attacks under the Just-In-Time Return-Oriented Programming (JITROP) threat model. We conduct a comprehensive measurement study with five fine-grained ASLR tools, 20 applications including six browsers, one browser engine, and 25 dynamic libraries. Experiments show that attackers only need several seconds (1.5-3.5) to find various code reuse gadgets such as the Turing Complete gadget set. Experiments also suggest that some code pointer leaks allow attackers to find gadgets more quickly than others. Besides, the instruction-level single-round randomization can restrict Turing Complete operations by preventing up to 90% of gadgets. This dissertation also identifies and prioritizes critical data pointers for protection to enable the capability to tune between performance vs. security. We apply seven rule-based heuristics to prioritize externally manipulatable sensitive data objects/pointers. Our evaluations using 33 ground truths vulnerable data objects/pointers show the successful detection of 32 ground truths with a 42% pe
- Published
- 2022
21. Support for Secure Code Execution in Unix-Like Operating Systems.
- Author
- Bhuse, Vijay and Nandigam, Jagadeesh
- Abstract
FreeBSD and OpenBSD are BSD-based Unix-like operating systems. OpenBSD is one of the most secure operating systems. We review various secure coding technologies and processes that were invented and implemented by OpenBSD. We also compare the different types of vulnerabilities encountered in OpenBSD and FreeBSD systems over the years. [ABSTRACT FROM AUTHOR]
- Published
- 2017
22. Movement of the sacroiliac joint during the Active Straight Leg Raise test in patients with long-lasting severe sacroiliac joint pain.
- Author
- Kibsgård, Thomas J., Röhrl, Stephan M., Røise, Olav, Sturesson, Bengt, and Stuge, Britt
- Subjects
- HEAVY metals, RANGE of motion of joints, MUSCLES, PELVIC bones, PELVIC floor, PELVIC pain, ROTATIONAL motion, SACROILIAC joint, SACRUM, BODY movement, RADIOSTEREOMETRY, SACROILIAC joint diseases
- Abstract
Background: The Active Straight Leg Raise is a functional test used in the assessment of pelvic girdle pain, and has been shown to have good validity, reliability and responsiveness. The Active Straight Leg Raise is considered to examine the patients' ability to transfer load through the pelvis. It has been hypothesized that patients with pelvic girdle pain lack the ability to stabilize the pelvic girdle, probably due to instability or increased movement of the sacroiliac joint. This study examines the movement of the sacroiliac joints during the Active Straight Leg Raise in patients with pelvic girdle pain. Methods: Tantalum markers were inserted in the dorsal sacrum and ilium of 12 patients with long-lasting pelvic girdle pain scheduled for sacroiliac joint fusion surgery. Two to three weeks later, movement of the sacroiliac joints during the Active Straight Leg Raise was measured with radiostereometric analysis. Findings: Small movements were detected. There was larger movement of the rested leg's sacroiliac joint compared to the lifted leg's side. A mean backward rotation of 0.8° and inward tilt of 0.3° were seen in the rested leg's sacroiliac joint. Interpretation: The movements of the sacroiliac joints during the Active Straight Leg Raise are small. There was a small backward rotation of the innominate bone relative to the sacrum on the rested leg's side. Our findings contradict an earlier understanding that a forward rotation of the lifted leg's innominate occurs while performing the Active Straight Leg Raise. [ABSTRACT FROM AUTHOR]
- Published
- 2017
23. INFLUENCE OF SEQUENCE OF JOINT MOVEMENT ON HAMSTRING LENGTH TEST RESULTS
- Author
- Dinesh Sorani and Sheshna Rathod
- Subjects
- Hamstrings length, ASLR, PSLR, Active knee extension test, Passive knee extension test, Muscle length, Medicine (General), R5-920
- Abstract
Background: Hamstring length assessment has an important value in physiotherapy assessment and better outcomes for patients. The purpose of the study was 1) to compare Active SLR and Active knee extension test values as per Kendall's muscle-range assessment, and 2) to compare Passive SLR and Passive knee extension test values as per Kendall's muscle-range assessment. Methods: A total of 100 healthy individuals (age 20.83±1.17, 14 males, 86 females) participated in the study. Goniometric assessment of hip flexion-extension and knee flexion was performed, followed by active and passive straight leg raising (ASLR and PSLR) and knee extension tests (AKE and PKE). Kendall's formula was used to find hamstring muscle range. ASLR and AKE results were compared for means and correlation was assessed. PSLR and PKE results were compared for means and correlation was assessed. Result: The average hamstring range is about 79.34% (ASLR), 83.67% (PSLR), 77.92% (AKE), and 81.43% (PKE) of the total joint range of the hamstrings. There is a significant difference between ASLR and AKE values and between PSLR and PKE values. Conclusion: Total hamstring excursion in all methods confirms Kendall's statement. However, the difference between SLR and knee extension tests suggests that SLR values of hamstring length and knee extension values of hamstring length cannot be used interchangeably. Other mechanical factors may play a role in the difference between these values. Implications: The sequence of hip flexion and knee extension for hamstring length assessment has a significant effect on results and should be considered by the therapist before clinical decision making.
- Published
- 2016
24. Memory Corruption Failures Attack and Defense Techniques (original Spanish title: Técnicas de ofensa y defensa a los fallos por corrupción de memoria)
- Author
- David Mora Rodríguez and Mario Muñoz
- Subjects
- ASLR, Memory corruption, NX/XD, Operating systems, Return-oriented programming, Technology, Engineering (General). Civil engineering (General), TA1-2040
- Abstract
Memory corruption attack techniques against applications take advantage of weaknesses in programs to obtain arbitrary code execution. These programming failures have been used in several attacks since the 1980s. This document presents the different techniques an attacker can use to achieve their objective and the precautions an application developer should take to prevent the program from being exposed to vulnerabilities that allow memory corruption attacks. Operating system and compiler manufacturers introduced several defense mechanisms to protect applications. These mechanisms are not mutually exclusive, and each has its own design objectives for adding new security layers.
- Published
- 2011
25. Address Space Layout Randomization Comparative Analysis on Windows 10 and Ubuntu 18.04 LTS
- Author
- Martiño Rivera-Dourado, Raquel Vázquez Díaz, Pilar Vila Avendaño, Rubén Pérez-Jove, and José M. Vázquez-Naya
- Subjects
- Windows, Address space layout randomization, Exploit, Computer science, Comparative analysis, Process (computing), Context (language use), Ubuntu, ASLR, Memory management, Virtual address space, Computer engineering, Memory, Function (engineering), Memory protection
- Abstract
Presented at the 4th XoveTIC Conference, A Coruña, Spain, 7–8 October 2021.
Memory management is one of the main tasks of an Operating System, where the data of each process running in the system is kept. In this context, there exist several types of attacks that exploit memory-related vulnerabilities, forcing Operating Systems to feature memory protection techniques that make them difficult to exploit. One of these techniques is ASLR, whose function is to introduce randomness into the virtual address space of a process. The goal of this work was to measure, analyze and compare the behavior of ASLR on the 64-bit versions of Windows 10 and Ubuntu 18.04 LTS. The results have shown that the implementation of ASLR has improved significantly on these two Operating Systems compared to previous versions. However, there are aspects, such as partial correlations or a frequency distribution that is not always uniform, where it can still be improved.
Acknowledgements: We wish to acknowledge the support received from the Centro de Investigación de Galicia "CITIC". CITIC, as a Research Center accredited by the Galician University System, is funded by "Consellería de Cultura, Educación e Universidade from Xunta de Galicia", supported 80% through ERDF, ERDF Operational Programme Galicia 2014–2020, and the remaining 20% by "Secretaría Xeral de Universidades" (Grant ED431G 2019/01). This work was also supported by the "Consellería de Cultura, Educación e Ordenación Universitaria" via the Consolidation and Structuring of Competitive Research Units, Competitive Reference Groups (ED431C 2018/49), and the COST Action 17124 DigForAsp, supported by COST (European Cooperation in Science and Technology, www.cost.eu, accessed on 20 July 2021).
- Published
- 2021
26. Address Space Layout Randomization Comparative Analysis on Windows 10 and Ubuntu 18.04 LTS
- Author
- Vázquez Díaz, Raquel, Rivera-Dourado, Martiño, Pérez-Jove, Rubén, Vila Avendaño, Pilar, and Vázquez-Naya, José
- Abstract
Memory management is one of the main tasks of an Operating System, where the data of each process running in the system is kept. In this context, there exist several types of attacks that exploit memory-related vulnerabilities, forcing Operating Systems to feature memory protection techniques that make them difficult to exploit. One of these techniques is ASLR, whose function is to introduce randomness into the virtual address space of a process. The goal of this work was to measure, analyze and compare the behavior of ASLR on the 64-bit versions of Windows 10 and Ubuntu 18.04 LTS. The results have shown that the implementation of ASLR has improved significantly on these two Operating Systems compared to previous versions. However, there are aspects, such as partial correlations or a frequency distribution that is not always uniform, where it can still be improved.
- Published
- 2021
27. ILR: Where'd My Gadgets Go?
- Author
- Hiser, Jason, Nguyen-Tuong, Anh, Co, Michele, Hall, Matthew, and Davidson, Jack W.
- Abstract
Through randomization of the memory space and the confinement of code to non-data pages, computer security researchers have made a wide range of attacks against program binaries more difficult. However, attacks have evolved to exploit weaknesses in these defenses. To thwart these attacks, we introduce a novel technique called Instruction Location Randomization (ILR). Conceptually, ILR randomizes the location of every instruction in a program, thwarting an attacker's ability to re-use program functionality (e.g., arc-injection attacks and return-oriented programming attacks). ILR operates on arbitrary executable programs, requires no compiler support, and requires no user interaction. Thus, it can be automatically applied post-deployment, allowing easy and frequent re-randomization. Our preliminary prototype, working on 32-bit x86 Linux ELF binaries, provides a high degree of entropy. Individual instructions are randomly placed within a 31-bit address space. Thus, attacks that rely on a priori knowledge of the location of code or derandomization are not feasible. We demonstrated ILR's defensive capabilities by defeating attacks against programs with vulnerabilities, including Adobe's PDF viewer, acroread, which had an in-the-wild vulnerability. Additionally, using an industry-standard CPU performance benchmark suite, we compared the run time of prototype ILR-protected executables to that of native executables. The average run-time overhead of ILR was 13% with more than half the programs having effectively no overhead (15 out of 29), indicating that ILR is a realistic and cost-effective mitigation technique. [ABSTRACT FROM PUBLISHER]
- Published
- 2012
- Full Text
- View/download PDF
28. A Review of Memory Errors Exploitation in x86-64
- Author
-
Hector Marco-Gisbert, Carolyn Begg, and Conor Pirry
- Subjects
Address space layout randomization ,Exploit ,Memory errors ,SSP ,Computer Networks and Communications ,Computer science ,Vulnerability ,stack buffer overflows ,Computer security ,computer.software_genre ,lcsh:QA75.5-76.95 ,Human-Computer Interaction ,ASLR ,x86-64 ,NX ,x86 ,Stack buffer overflow ,memory errors ,lcsh:Electronic computers. Computer science ,Android (operating system) ,computer ,Buffer overflow - Abstract
Memory errors are still a serious threat affecting millions of devices worldwide. Recently, bounty programs have reached a new record, paying up to USD 2.5 million for one single vulnerability in Android and up to USD 2 million for Apple's operating system. In almost all cases, memory errors are exploited in one or more stages to fully compromise those devices. In this paper, we review and discuss the importance of memory error vulnerabilities, and more specifically stack buffer overflows, to provide a full view of how memory errors are exploited. We identify the root causes that make those attacks possible on the modern x86-64 architecture in the presence of modern protection techniques. We have analyzed how unsafe library functions are prone to buffer overflows, revealing that although there are secure versions of those functions, they do not actually prevent buffer overflows from happening. Using secure functions does not result in software free from vulnerabilities, and it requires developers to be security-aware. To overcome this problem, we discuss the three main security protection techniques present in all modern operating systems: the non-eXecutable bit (NX), the Stack Smashing Protector (SSP) and Address Space Layout Randomization (ASLR). After discussing their effectiveness, we conclude that although they provide a strong level of protection against classical exploitation techniques, modern attacks can bypass them.
- Published
- 2020
29. Fine-grained address space layout randomization on program load
- Author
-
Shamil Kurmangaleev, A. V. Vishnyakov, A.R. Nurmukhametov, E. A. Zhabotinskiy, and Serguei Gaissaryan
- Subjects
Computer science ,Distributed computing ,0211 other engineering and technologies ,Working capacity ,02 engineering and technology ,lcsh:QA75.5-76.95 ,rop ,Software ,0202 electrical engineering, electronic engineering, information engineering ,General Environmental Science ,021110 strategic, defence & security studies ,Address space layout randomization ,business.industry ,address space randomization ,020207 software engineering ,computer.file_format ,Loader ,Dynamic linker ,General Earth and Planetary Sciences ,diversification ,Granularity ,Executable ,lcsh:Electronic computers. Computer science ,business ,computer ,aslr - Abstract
Software vulnerabilities are a serious security threat. It is important to develop protection mechanisms that prevent their exploitation, especially given the rapid increase in ROP attacks. State-of-the-art protection mechanisms have drawbacks that attackers can use. In this paper, we propose fine-grained address space layout randomization on program load that is able to protect against such attacks. During the static linking stage, the executable and library files are supplemented with information about function boundaries and relocations. The system dynamic linker/loader uses this information to permute the functions. The proposed method was implemented for 64-bit programs on the CentOS 7 operating system. The implemented method has shown good resistance to ROP attacks, evaluated by two metrics: the number of surviving gadgets and the exploitability estimation of example ROP chains. The implementation presented in this article is applicable across the entire operating system and has no compatibility problems affecting program performance. The working capacity of the proposed approach was demonstrated on real programs. Further research can cover randomization on fork and granularity finer than the function level. It also makes sense to randomize the placement of short functions while taking into account the relationships between them: placing functions that often call each other close together can improve the performance of individual programs.
- Published
- 2018
30. LSE_Lex40_UVIGO: a database specifically designed for the development of automatic LSE recognition technology
- Author
-
Torres Guijarro, Soledad, García Mateo, Carmen, Cabeza Pereiro, María del Carmen, and Docío Fernández, Laura
- Abstract
Automatic speech recognition can be considered a viable and mature technology. Many applications facilitating communication between people, and between humans and machines, are based on it. However, the automatic recognition of sign languages is not as advanced as that of spoken languages; if it were, Deaf people could communicate with someone who does not know sign language without an interpreter, gaining privacy and independence. They could also make use of automated video-controlled systems that recognize their instructions in an inclusive, quick and mobile way, similarly to how hearing people access voice-controlled systems. The GRADES and GTM research groups at the University of Vigo intend to advance the development of an automatic recognizer for Spanish sign language (LSE) based on image recognition. From the review of the state of the art, the need to develop an LSE database specifically designed for this purpose is concluded. The complexity of this task makes it advisable to approach it incrementally, for which we propose the goal of developing a recording methodology that allows the database to grow in size and complexity over time. This methodology includes the selection of the lexicon, the design of the recording station, the data storage structure, the computer programs for managing the video database and the associated metadata, and the protection of the signers' personal data. An initial version of the database, called LSE_Lex40_UVIGO, is made up of multiple repetitions of 40 isolated signs in LSE, carried out by different signers.
This first version of the database will be useful for us to develop an isolated sign recognizer that works in diverse environments and independently of the user, and to demonstrate the usefulness of the acquisition methodology described in this contribution. Automatic speech recognition can be considered a viable and mature technology, on which numerous applications that facilitate communication between people, and between person and machine, are based. However, automatic sign language recognition is not as advanced as that of spoken languages; if it were, a deaf person could communicate with someone who does not know sign language without needing an interpreter, gaining privacy and independence. They could also make use of automatic video-controlled systems that recognize their instructions in an inclusive, fast and mobile way, similarly to how hearing people access voice-controlled systems. The GRADES and GTM research groups of the University of Vigo set out to advance the development of an automatic recognizer of Spanish sign language (LSE) based on image recognition. From the review of the state of the art, the need to develop an LSE database specifically designed for this purpose is concluded. The complexity of this task advises approaching it incrementally, for which we set ourselves the objective of developing a recording methodology that allows the database to grow over time in size and complexity. This methodology comprises the selection of the lexicon, the design of the recording station, the data storage structure, the computer programs for managing the video database and the associated metadata, and the protection of the personal data of the informants.
- Published
- 2020
31. Finding Focus in the Blur of Moving-Target Techniques.
- Author
-
Okhravi, Hamed, Hobson, Thomas, Bigelow, David, and Streilein, William
- Abstract
Protecting critical systems and assets against cyberattacks is an ever more difficult challenge that strongly favors attackers. Whereas defenders must protect a large, diverse set of cybersystems containing an unknown number of vulnerabilities of various types, attackers need only find one or a few exploitable vulnerabilities to mount a successful attack. One promising approach that can shift the balance in the defenders' favor is to create uncertainty for attackers by dynamically changing system properties in what is called a cyber moving target (MT). MT techniques seek to randomize system components to reduce the likelihood of a successful attack, add dynamics to a system to reduce the lifetime of an attack, and diversify otherwise homogeneous collections of systems to limit the damage of a large-scale attack. In this article, the authors review the five dominant domains of MT techniques available today as research prototypes and commercial solutions. They present the techniques' strengths and weaknesses and make recommendations for future research that will improve current capabilities. [ABSTRACT FROM PUBLISHER]
- Published
- 2014
- Full Text
- View/download PDF
32. OFFENSIVE AND DEFENSIVE TECHNIQUES FOR MEMORY CORRUPTION FLAWS.
- Author
-
Mora Rodríguez, David and Muñoz, Mario
- Subjects
- *
MALWARE prevention , *DATA protection , *COMPUTER operating system security measures , *COMPUTER software development , *COMPUTER security - Abstract
Attack techniques against applications with memory corruption flaws take advantage of program weaknesses to obtain arbitrary code execution. These programming failures have been used in attacks since the 80's. This document presents several techniques an attacker can use to achieve his objectives, and the precautions an application developer should take to prevent the program from being exposed to vulnerable situations that may allow memory corruption attacks. Manufacturers of operating systems and compilers have introduced several defense mechanisms to protect applications. These mechanisms are not mutually exclusive, and each one has its own design objectives, adding a new security layer. [ABSTRACT FROM AUTHOR]
- Published
- 2011
33. Pelvic girdle pain, clinical tests and disability in late pregnancy.
- Author
-
Robinson, Hilde Stendal, Mengshoel, Anne Marit, Bjelland, Elisabeth Krefting, and Vøllestad, Nina K.
- Abstract
The objective of this cross-sectional study was to explore the associations between pain locations, responses to the posterior pelvic pain provocation (P4) test, responses to the active straight leg raise (ASLR) test and disability in late pregnancy. 283 women in gestation week 30 (mean age 31.3 years; 59% nullipara) completed a questionnaire (including a pain drawing and the Disability Rating Index, DRI). A physiotherapist blinded to the questionnaire data assessed responses to the P4 and ASLR tests. The pain drawing was used to: 1) distinguish between pelvic girdle pain (PGP) and low back pain (LBP); 2) discriminate between pain locations within the pelvic area. A large variation was found in DRI within each pain location group. Women with PGP were more afflicted than the women with LBP and those without PGP. The highest DRI score was reported by women having combined symphysis pain and bilateral posterior pain. The multivariate analyses showed that results from P4 and ASLR contributed independently to DRI. Taken together, pain location combined with responses to the P4 and ASLR tests is relevant when evaluating affliction in pregnant women with possible PGP. [Copyright Elsevier]
- Published
- 2010
- Full Text
- View/download PDF
34. A Review of Memory Errors Exploitation in x86-64.
- Author
-
Pirry, Conor, Marco-Gisbert, Hector, and Begg, Carolyn
- Subjects
APPLE operating systems ,COLLECTIVE memory ,MODERN architecture ,FREEWARE (Computer software) ,COMPUTER security vulnerabilities ,MEMORY - Abstract
Memory errors are still a serious threat affecting millions of devices worldwide. Recently, bounty programs have reached a new record, paying up to USD 2.5 million for one single vulnerability in Android and up to USD 2 million for Apple's operating system. In almost all cases, memory errors are exploited in one or more stages to fully compromise those devices. In this paper, we review and discuss the importance of memory error vulnerabilities, and more specifically stack buffer overflows, to provide a full view of how memory errors are exploited. We identify the root causes that make those attacks possible on the modern x86-64 architecture in the presence of modern protection techniques. We have analyzed how unsafe library functions are prone to buffer overflows, revealing that although there are secure versions of those functions, they do not actually prevent buffer overflows from happening. Using secure functions does not result in software free from vulnerabilities, and it requires developers to be security-aware. To overcome this problem, we discuss the three main security protection techniques present in all modern operating systems: the non-eXecutable bit (NX), the Stack Smashing Protector (SSP) and Address Space Layout Randomization (ASLR). After discussing their effectiveness, we conclude that although they provide a strong level of protection against classical exploitation techniques, modern attacks can bypass them. [ABSTRACT FROM AUTHOR]
- Published
- 2020
- Full Text
- View/download PDF
35. Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR
- Author
-
Clémentine Maurice, Daniel Gruss, Anders Fogh, Moritz Lipp, and Stefan Mangard
- Subjects
010302 applied physics ,Instruction prefetch ,Computer science ,Fetch ,02 engineering and technology ,Computer security ,computer.software_genre ,01 natural sciences ,020202 computer hardware & architecture ,Timing attack ,ASLR ,Kernel Vulnerabilities ,Timing Attacks ,Virtual machine ,Kernel (statistics) ,0103 physical sciences ,0202 electrical engineering, electronic engineering, information engineering ,User space ,Operating system ,x86 ,Paging ,Side channel attack ,computer - Abstract
Modern operating systems use hardware support to protect against control flow hijacking attacks such as code-injection attacks. Typically, write access to executable pages is prevented and kernel mode execution is restricted to kernel code pages only. However, current CPUs provide no protection against code-reuse attacks like ROP. ASLR is used to prevent these attacks by making all addresses unpredictable for an attacker. Hence, kernel security relies fundamentally on preventing access to address information. We introduce Prefetch Side-Channel Attacks, a new class of generic attacks exploiting major weaknesses in prefetch instructions. This allows unprivileged attackers to obtain address information and thus compromise the entire system by defeating SMAP, SMEP, and kernel ASLR. Prefetch can fetch inaccessible privileged memory into various caches on Intel x86. It also leaks the translation level for virtual addresses on both Intel x86 and ARMv8-A. We build three attacks exploiting these properties. Our first attack retrieves an exact image of the full paging hierarchy of a process, defeating both user space and kernel space ASLR. Our second attack resolves virtual to physical addresses to bypass SMAP on 64-bit Linux systems, enabling ret2dir attacks. We demonstrate this from unprivileged user programs on Linux and inside Amazon EC2 virtual machines. Finally, we demonstrate how to defeat kernel ASLR on Windows 10, enabling ROP attacks on kernel and driver binary code. We propose a new form of strong kernel isolation to protect commodity systems, incurring an overhead of only 0.06-5.09%.
- Published
- 2016
- Full Text
- View/download PDF
36. Adding support for ELF binaries to PErmutator
- Author
-
Maldini, Antun and Groš, Stjepan
- Subjects
operating systems ,DEP ,memory corruption ,PErmutator ,buffer overflow ,ASLR ,ELF ,TECHNICAL SCIENCES. Computing ,PE ,computer security - Abstract
People make mistakes, and as a result almost every nontrivial computer program contains errors. When using programming languages without automatic memory management, flaws that result in (potential) memory corruption are common. Given the prevalence of C and C++, these problems will remain present for the foreseeable future. The mechanisms protecting against attacks that exploit them are fairly well developed, but there are still gaps they fail to cover. This thesis gives an overview of attacks and protection mechanisms, and PErmutator, a software system being developed to improve protection by permuting code blocks within executable files, is extended with support for ELF executables, which are used on *nix operating systems. People make mistakes, and as a consequence almost every nontrivial computer program has mistakes in it. When languages without automatic memory management are used, (potential) memory corruption is a frequent occurrence. With C and C++ being widely used, these issues aren't going away any time soon. The mechanisms used to protect against them are fairly advanced, but they still fail against certain attacks. In this work, an overview of attack methods and protection mechanisms is given, and the PErmutator program, currently under development with the goal of improving security by rearranging code blocks within executables, is extended by adding support for ELF executables, which are used on Unix-like operating systems.
- Published
- 2015
37. Developing metamorphing engine for improving application immunity against computer viruses
- Author
-
Humić, Bruno and Groš, Stjepan
- Subjects
operating systems ,DEP ,memory corruption ,randomization ,control flow graph ,permutation ,ASLP ,ASLR ,TECHNICAL SCIENCES. Computing ,PE format ,Microsoft Windows ,PE file format ,computer security - Abstract
Memory corruption is one of the oldest forms of vulnerability and is still present today. Although many protection mechanisms exist, the problem of memory corruption remains quite relevant, because new attack methods appear alongside each new security mechanism. Randomization techniques have significantly helped in the fight against memory-targeted attacks, but there is still room for improvement. This thesis begins the development of a new randomization-based protection mechanism whose goal is to permute memory blocks within the executable code section. This would raise the level of security against the aforementioned forms of attack to a new level. Memory corruption is one of the oldest security vulnerabilities out there that is still very common today. Randomization based security mechanisms had a major impact on dealing with memory corruption vulnerabilities but the threat still remains. In this thesis we started work on a new randomization security mechanism whose goal is to rearrange memory blocks in the code section of a PE file. In that way, we could achieve higher security levels in the system.
- Published
- 2015
38. Influence of different lumbopelvic stabilization strategies and motor control exercise programs on the Active Straight Leg Raise
- Author
-
Monteiro, Ana Cláudia da Silva Guimarães Chapeleiro and Carvalho, Paulo
- Subjects
McGill ,ASLR ,Lumbopelvic pain ,Stabilization maneuvers ,Pilates
- Published
- 2014
39. eavesROP: Listening for ROP Payloads in Data Streams (preliminary full version)
- Author
-
Jämthagen, Christopher, Karlsson, Linus, Stankovski, Paul, and Hell, Martin
- Subjects
ASLR ,Pattern Matching ,Return-Oriented Programming ,Electrical Engineering, Electronic Engineering, Information Engineering ,ROP - Abstract
We consider the problem of detecting exploits based on return-oriented programming. In contrast to previous works we investigate to which extent we can detect ROP payloads by only analysing streaming data, i.e., we do not assume any modifications to the target machine, its kernel or its libraries. Neither do we attempt to execute any potentially malicious code in order to determine if it is an attack. While such a scenario has its limitations, we show that using a layered approach with a filtering mechanism together with the Fast Fourier Transform, it is possible to detect ROP payloads even in the presence of noise and assuming that the target system employs ASLR. Our approach, denoted eavesROP, thus provides a very lightweight and easily deployable mitigation against certain ROP attacks. It also provides the added merit of detecting the presence of a brute-force attack on ASLR since library base addresses are not assumed to be known by eavesROP.
- Published
- 2014
40. eavesROP: Listening for ROP Payloads in Data Streams
- Author
-
Chow, Sherman S. M., Camenisch, Jan, Hui, Lucas C. K., Yiu, Siu Ming, Jämthagen, Christopher, Karlsson, Linus, Stankovski, Paul, and Hell, Martin
- Abstract
We consider the problem of detecting exploits based on return-oriented programming. In contrast to previous works we investigate to which extent we can detect ROP payloads by only analysing streaming data, i.e., we do not assume any modifications to the target machine, its kernel or its libraries. Neither do we attempt to execute any potentially malicious code in order to determine if it is an attack. While such a scenario has its limitations, we show that using a layered approach with a filtering mechanism together with the Fast Fourier Transform, it is possible to detect ROP payloads even in the presence of noise and assuming that the target system employs ASLR. Our approach, denoted eavesROP, thus provides a very lightweight and easily deployable mitigation against certain ROP attacks. It also provides the added merit of detecting the presence of a brute-force attack on ASLR since library base addresses are not assumed to be known by eavesROP.
- Published
- 2014
41. Timely address space rerandomization for resisting code reuse attacks.
- Author
-
Chen, Xiaoquan, Xue, Rui, and Wu, Chuankun
- Subjects
RANDOMIZATION (Statistics) ,CODE reuse ,JUST-in-time systems ,VIRTUAL storage (Computer science) ,CYBERTERRORISM - Abstract
The major weakness of address space layout randomization is that the address space of the program is randomized only once, at load time. Therefore, it cannot prevent advanced code reuse attacks such as just-in-time return-oriented programming. In view of this situation, we propose an instantaneous and continual address space rerandomization approach, called just-in-time address space rerandomization (JIT-ASR), to thwart the attack. JIT-ASR uses virtual memory management and can ceaselessly change the program's address space by modifying the virtual page number of the code address and the page table at runtime. In this way, the address space of the program changes continually. This mechanism makes the addresses used by the attacker become stale, so the attack payload cannot execute successfully. To demonstrate the effectiveness and efficiency of JIT-ASR, we apply it to the SPEC CPU2006 benchmark suite. The evaluation results and security analysis show that JIT-ASR can resist code reuse attacks, especially just-in-time return-oriented programming, with low runtime performance overhead (1.2% on average on the SPEC CPU2006 benchmark). [ABSTRACT FROM AUTHOR]
- Published
- 2017
- Full Text
- View/download PDF
42. Moving Target [Guest editors' introduction].
- Author
-
Goldrich, Luanne and Landwehr, Carl E.
- Abstract
Moving-target technologies can significantly raise the bar for attackers even without requiring that the distribution of vulnerabilities in the underlying systems be reduced. These techniques should be essential tools for every system architect. [ABSTRACT FROM PUBLISHER]
- Published
- 2014
- Full Text
- View/download PDF
43. Threats to the Polish Baltic coastal zone by accelerated sea-level rise and the problem of coastal zone management/ Les menaces liées à l’élévation rapide du niveau de la mer sur le littoral polonais et le problème de la gestion de la zone côtière
- Author
-
Karol Rotnicki
- Subjects
ASLR ,Threats by ASLR ,Coastal zone management ,Accelerated sea-level rise - Abstract
The paper deals with the level and kind of threats to the Polish Coastal Zone caused by the accelerated sea-level rise (ASLR). The ASLR is thought to be the result of global climate warming due to increasing emission of the so-called "greenhouse" gases. To sum up: a) the size of the areas which will be threatened in the next century, as well as their socio-economic resources, have been defined; b) the estimated costs of protecting the coastal zone in the near future have been calculated and shown against the background of the State's financial abilities. The problem of the lack of both efficient systems of coastal zone management that anticipate danger and strategic plans of adaptation to the new conditions in this zone caused by the sea-level rise has been discussed. In this article, we analyze the types of danger and the levels of degradation of the Polish coast caused by the rapid rise of the waters of the Baltic, a phenomenon due to global climate change linked to "greenhouse" gases. We determine the area of the coast threatened over the coming century as well as the costs of protection evaluated in relation to the means of the Polish State. The article also raises the current problem of the absence of an adaptation plan and of effective strategies for managing the Polish coastal zone in the face of the new conditions created by the constant rise in sea level. Rotnicki Karol. Threats to the Polish Baltic coastal zone by accelerated sea-level rise and the problem of coastal zone management/ Les menaces liées à l'élévation rapide du niveau de la mer sur le littoral polonais et le problème de la gestion de la zone côtière. In: Cahiers du Centre nantais de recherche pour l'aménagement régional, n°47-48, 1997. Littoral 95 - Actes du Colloque International Continuités et ruptures sur les littoraux européens. pp. 455-462.
- Published
- 1997
44. The Security Challenges of Client-Side Just-in-Time Engines.
- Author
-
Rohlf, Chris and Ivnitskiy, Yan
- Abstract
Any added complexity in a software system will increase the possible program states, introducing a larger attack surface and the possibility of more exploitable flaws. JIT engines, however, alter the environment in which they execute in far more interesting ways, not only through implementation flaws but also by their fundamental operation modes. [ABSTRACT FROM PUBLISHER]
- Published
- 2012
- Full Text
- View/download PDF
45. Mobile Attacks and Defense.
- Author
-
Miller, Charlie
- Abstract
Smartphones' features are great, but with the power they provide there is also a threat. Smartphones are becoming a target of attackers in the same way PCs have been for many years. This article examines the security models of two popular smartphone operating systems: Apple's iOS and Google's Android. [ABSTRACT FROM PUBLISHER]
- Published
- 2011
- Full Text
- View/download PDF