In the face of widespread DEP and ASLR deployment, JIT spraying brings together the best of code injection and code reuse attacks to defeat both defenses. However, to date, JIT spraying has been an x86-only attack thanks to its reliance on variable-length, unaligned instructions. In this paper, we finally extend JIT spraying to a RISC architecture by introducing a novel technique called gadget ...

Code-reuse attacks based on return oriented programming are among the most popular exploitation techniques used by attackers today. Few practical defenses are able to stop such attacks on arbitrary binaries without access to source code. A notable exception are the techniques that employ new hardware, such as Intel’s Last Branch Record (LBR) registers, to track all indirect branches and raise a...

Context: Source code reuse has been widely accepted as a fundamental activity in software development. Recent studies showed that StackOverflow has emerged as one of the most popular resources for code reuse. Therefore, a plethora of work proposed ways to optimally ask questions, search for answers and find relevant code on StackOverflow. However, little work studies the impact of code reuse fr...

types of SML structures of SML

Successfully introducing a reuse program into an organization requires many things, such as proven processes, an organization for reuse, and management support. However, management needs to understand the value of reuse before they will allocate resources. Key to showing this value is a business case based on consistent, realistic, and easy to understand metrics. I have found that combining rea...

Address Space Layout Randomization (ASLR) is a widely used technique for the prevention of code reuse attacks. The basic concept of ASLR is to randomize the base address of executable modules at load time. Changing the load address of modules is also often needed for resolving conflicts among shared libraries with the same preferred base address. In Windows, loading a module at an arbitrary add...

***[ChTitle]Reuse in the world of end-user programmers*** ***Authors: Christopher Scaffidi, Mary Shaw*** ***Abstract:*** End-user programmers often reuse one another’s code when creating new programs, but this reuse is rarely as clean or simple as the blackbox reuse that professional programmers aspire to achieve. In this chapter, we explore the motivations that drive reuse of end-user code, th...

Software reuse has the potential of reducing development time and increasing software quality. There are several types of knowledge that can be reused, with code being the most common reused one. Code reuse is the most direct and easier type of reuse, but is not the most efficient one. Design reuse is more productive than code reuse, because changes at the design level can have big effects on t...

Today, the growing size and complexity of software along with decreasing development times causes tremendous challenges to software testing. This has driven the whole software industry to seek new ways to test more efficiently and effectively. Software reuse has been practiced for decades and successful industrial studies have demonstrated such profits as increased productivity and quality as w...