Runtime countermeasures for code injection attacks against C and C++ programs
نویسندگان
چکیده
منابع مشابه
Runtime Verification of C Programs
We present in this paper a framework, RMOR, for monitoring the execution of C programs against state machines, expressed in a textual (nongraphical) format in files separate from the program. The state machine language has been inspired by a graphical state machine language RCAT recently developed at the Jet Propulsion Laboratory, as an alternative to using Linear Temporal Logic (LTL) for requi...
متن کاملChronomorphic Programs: Using Runtime Diversity to Prevent Code Reuse Attacks
Return Oriented Programming (ROP) attacks, in which a cyber attacker crafts an exploit from instruction sequences already contained in a running binary, have become popular and practical. While previous research has investigated software diversity and dynamic binary instrumentation for defending against ROP, many of these approaches incur large performance costs or are susceptible to Blind ROP ...
متن کاملCode Pointer Masking: Hardening Applications against Code Injection Attacks
In this paper we present an efficient countermeasure against code injection attacks. Our countermeasure does not rely on secret values such as stack canaries and protects against attacks that are not addressed by state-of-the-art countermeasures of similar performance. By enforcing the correct semantics of code pointers, we thwart attacks that modify code pointers to divert the application’s co...
متن کاملC/C++ Runtime Error Detection Using Source Code Instrumentation
The detection and removal of software errors is an expensive component of the total software development cost. Especially hard to remove errors are those which occur during the execution of a program, so called runtime errors. Therefore tools are needed to detect these errors reliably and give the programmer a good hint how to fix the problem. In the first part of the thesis different types of ...
متن کاملRuntime Code Polymorphism as a Protection Against Side Channel Attacks
We present a generic framework for runtime code polymorphism, applicable to a broad range of computing platforms including embedded systems with low computing resources (e.g. microcontrollers with few kilo-bytes of memory). Code polymorphism is defined as the ability to change the observable behaviour of a software component without changing its functional properties. In this paper we present t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Computing Surveys
سال: 2012
ISSN: 0360-0300,1557-7341
DOI: 10.1145/2187671.2187679