Davi, Lucas ; Sadeghi, Ahmad-Reza:
Building Secure Defenses Against Code-Reuse Attacks.
Springer International Publishing
ISBN 978-3-319-25544-6
[Buch], (2015)
Kurzbeschreibung (Abstract)
This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET.
Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented.
Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.
| Typ des Eintrags: | Buch |
|---|---|
| Erschienen: | 2015 |
| Autor(en): | Davi, Lucas ; Sadeghi, Ahmad-Reza |
| Titel: | Building Secure Defenses Against Code-Reuse Attacks |
| Sprache: | Deutsch |
| Kurzbeschreibung (Abstract): | This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET. Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented. Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks. |
| Verlag: | Springer International Publishing |
| Freie Schlagworte: | ICRI-SC;STC Secure and Trustworthy Systems;S2;Secure Things;Solutions |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit DFG-Sonderforschungsbereiche (inkl. Transregio) DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt DFG-Sonderforschungsbereiche (inkl. Transregio) > Sonderforschungsbereiche > SFB 1119: CROSSING – Kryptographiebasierte Sicherheitslösungen als Grundlage für Vertrauen in heutigen und zukünftigen IT-Systemen |
| Hinterlegungsdatum: | 04 Aug 2016 10:13 |
| ID-Nummer: | TUD-CS-2015-1309 |
| Export: |
Optionen (nur für Redakteure)
 |
Eintrag anzeigen |
Drucken
Impressum