Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESSOS
2014
Springer
2014
Springer
Detecting Code Reuse Attacks with a Model of Conformant Program Execution
Abstract. Code reuse attacks circumvent traditional program protection mechanisms such as W ⊕ X by constructing exploits from code already present within a process. Existing techniques to defend against these attacks provide ad hoc solutions or lack in features necessary to provide comprehensive and adoptable solutions. We present a systematic approach based on first principles for the efficient, robust detection of these attacks; our work enforces expected program behavior instead of defending against anticipated attacks. We define conformant program execution (CPE) as a set of requirements on program states. We demonstrate that code reuse attacks violate these requirements and thus can be detected; further, new exploit variations will not circumvent CPE. To provide an efficient and adoptable solution, we also define observed conformant program execution, which validates program state at system call invocations; we demonstrate that this relaxed model is sufficient to detect code ...
Real-time Traffic| Added | 27 Apr 2014 |
| Updated | 27 Apr 2014 |
| Type | Journal |
| Year | 2014 |
| Where | ESSOS |
| Authors | Emily R. Jacobson, Andrew R. Bernat, William R. Williams, Barton P. Miller |
Comments (0)
Researcher Info
|
