Davi, Lucas and Sadeghi, Ahmad-Reza (2015):
Building Secure Defenses Against Code-Reuse Attacks.
Springer International Publishing, ISBN 978-3-319-25544-6,
DOI: 10.1007/978-3-319-25546-0, [Book]
Abstract
This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET.
Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented.
Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.
| Item Type: | Book |
|---|---|
| Erschienen: | 2015 |
| Creators: | Davi, Lucas and Sadeghi, Ahmad-Reza |
| Title: | Building Secure Defenses Against Code-Reuse Attacks |
| Language: | German |
| Abstract: | This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET. Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented. Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks. |
| Publisher: | Springer International Publishing |
| ISBN: | 978-3-319-25544-6 |
| Uncontrolled Keywords: | ICRI-SC;STC Secure and Trustworthy Systems;S2;Secure Things;Solutions |
| Divisions: | 20 Department of Computer Science 20 Department of Computer Science > System Security Lab DFG-Collaborative Research Centres (incl. Transregio) DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres Profile Areas Profile Areas > Cybersecurity (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments |
| Date Deposited: | 04 Aug 2016 10:13 |
| DOI: | 10.1007/978-3-319-25546-0 |
| Identification Number: | TUD-CS-2015-1309 |
| Export: |
Optionen (nur für Redakteure)
 |
View Item |
Drucken
Impressum