Efficient Protection Against Heap-Based Buffer Overflows Without Resorting to Magic [chapter]

Yves Younan, Wouter Joosen, Frank Piessens
2006 Lecture Notes in Computer Science  
In this paper we present an approach that, when applied to a memory allocator, will protect against this attack vector without resorting to magic.  ...  Bugs in dynamic memory management, including for instance heap-based buffer overflows and dangling pointers, are an important source of vulnerabilities in C and C++.  ...  Alternative approaches Other approaches that protect against the more general problem of buffer overflows also protect against heap-based buffer overflows.  ... 
doi:10.1007/11935308_27 fatcat:ppdeqwcx5jgoba4vqdkqhvifdu

Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution [chapter]

Georgios Portokalidis, Angelos D. Keromytis
2011 Advances in Information Security  
buffer overflows.  ...  Instruction-set randomization (ISR) obfuscates the "language" understood by a system to protect against code-injection attacks by presenting an ever-changing target.  ...  More importantly, NX does not protect from unauthorized code execution. PointGuard [45] uses encryption to protect pointers from buffer overflows.  ... 
doi:10.1007/978-1-4614-0977-9_3 fatcat:rdwqqfst6jeedkb42mf5ivkv5q

On the General Applicability of Instruction-Set Randomization

Stephen W. Boyd, Gaurav S. Kc, Michael E. Locasto, Angelos D. Keromytis, Vassilis Prevelakis
2010 IEEE Transactions on Dependable and Secure Computing  
The SQL prototype consists of an SQL query-randomizing proxy that protects against SQL-injection attacks with no changes to database servers, minor changes to CGI scripts, and with negligible performance  ...  We demonstrate how to mitigate the significant performance impact of emulation-based ISR by using several heuristics to limit the scope of randomized (and interpreted) execution to sections of code that  ...  Thus, our approach addresses (at least in principle) not only stack- and heap-based buffer overflow attacks, but any type of remote code-injection attack.  ... 
doi:10.1109/tdsc.2008.58 fatcat:wcogowrapjftzarkbwdgbncxqi

The BORG

Matthias Neugschwandtner, Paolo Milani Comparetti, Istvan Haller, Herbert Bos
2015 Proceedings of the 5th ACM Conference on Data and Application Security and Privacy - CODASPY '15  
In this work, we introduce the BORG (Buffer Over-Read Guard), a testing tool that uses static and dynamic program analysis, taint propagation and symbolic execution to detect buffer overread bugs in real-world  ...  BORG works by first selecting buffer accesses that could lead to an overread and then guiding symbolic execution towards those accesses along program paths that could actually lead to an overread.  ...  Acknowledgments The research leading to these results has received funding from the  ... 
doi:10.1145/2699026.2699098 dblp:conf/codaspy/Neugschwandtner15 fatcat:2gitoroosrdafplnaswr2rysc4

Memento mori: dynamic allocation-site-based optimizations

Daniel Clifford, Hannes Payer, Michael Stanton, Ben L. Titzer
2015 SIGPLAN notices  
We introduce a new implementation technique where allocation mementos processed by the garbage collector and runtime system efficiently tie objects back to allocation sites in the program and dynamically  ...  While all languages can benefit from efficient automatic memory management, languages like JavaScript present extra thrill with innocent-looking but difficult features like dynamically-sized arrays, deletable  ...  Allocation mementos efficiently tie objects to a small payload without a large space or time cost on the program.  ... 
doi:10.1145/2887746.2754181 fatcat:7o3cbwpjyfgr3b7mpfvzom3ebe

Memento mori: dynamic allocation-site-based optimizations

Daniel Clifford, Hannes Payer, Michael Stanton, Ben L. Titzer
2015 Proceedings of the 2015 ACM SIGPLAN International Symposium on Memory Management - ISMM 2015  
We introduce a new implementation technique where allocation mementos processed by the garbage collector and runtime system efficiently tie objects back to allocation sites in the program and dynamically  ...  While all languages can benefit from efficient automatic memory management, languages like JavaScript present extra thrill with innocent-looking but difficult features like dynamically-sized arrays, deletable  ...  Allocation mementos efficiently tie objects to a small payload without a large space or time cost on the program.  ... 
doi:10.1145/2754169.2754181 dblp:conf/iwmm/CliffordPST15 fatcat:4k646jgtdjemrhkh5jteohfoey

SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna
2016 2016 IEEE Symposium on Security and Privacy (SP)  
Our framework has been open-sourced and is available to the security community. IEEE Symposium on Security and Privacy  ...  In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed.  ...  Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon.  ... 
doi:10.1109/sp.2016.17 dblp:conf/sp/Shoshitaishvili16 fatcat:dw3axxn4mbczjmhpwhwd5jnfe4

Fine-Grained Control-Flow Integrity for Kernel Software

Xinyang Ge, Nirupama Talele, Mathias Payer, Trent Jaeger
2016 2016 IEEE European Symposium on Security and Privacy (EuroS&P)  
Using these insights, we show how to choose optimized defenses for kernels to handle system events, enabling comprehensive and efficient CFI enforcement.  ...  We present a mostly-automated approach for retrofitting kernel software that leverages features of such software to enable comprehensive, efficient, fine-grained CFI enforcement.  ...  This material is based upon work supported by the National Science Foundation under Grant No. CNS-1408880 and No. CNS-1513783.  ... 
doi:10.1109/eurosp.2016.24 dblp:conf/eurosp/GeTPJ16 fatcat:6oplu6rbgfcjlnipr2kzfb2cpe

Transactional Memory, 2nd edition

Tim Harris, James Larus, Ravi Rajwar
2010 Synthesis Lectures on Computer Architecture  
This enables a seamless design without special casing to distinguish overflowed from non-overflowed cases.  ...  spaces (as opposed to distributed STM systems based on replicating the heap across a set of address spaces).  ...  WWT was a DARPA and NSF-funded project investigated new approaches to simulating, building, and programming parallel shared-memory computers.  ... 
doi:10.2200/s00272ed1v01y201006cac011 fatcat:25d3gvp5zrfqlgpzdzknqouofi

Software-based Microarchitectural Attacks [article]

Daniel Gruss
2017 arXiv   pre-print
Software-based microarchitectural attacks exploit effects of these optimizations.  ...  In the second part, a selection of our papers are provided without modification from their original publications.  ...  We present a countermeasure against Prefetch Side-Channel Attacks on commodity systems, that involves reorganizing the user and kernel address space to protect KASLR.  ... 
arXiv:1706.05973v1 fatcat:4hwdpe4dancmblsxasg3a75h7a

BasicBlocker: ISA Redesign to Make Spectre-Immune CPUs Faster [article]

Jan Philipp Thoma, Jakob Feldtkeller, Markus Krausz, Tim Güneysu, Daniel J. Bernstein
2021 arXiv   pre-print
The obvious way to simplify the analysis of speculative-execution attacks is to eliminate speculative execution.  ...  cost analyses consider only software written for current instruction-set architectures, so they do not rule out the possibility of a new instruction-set architecture providing acceptable performance without  ...  overflows.  ... 
arXiv:2007.15919v2 fatcat:d2ejjqtr7rhuhfyn4gtjcf45hq

Informal Introduction to ALGOL 68

C. H. Lindsey, S. G. Van Der Muelen
1972 Biometrics  
ACKNOWLEDGEMENTS The Authors wish to thank Prof. Dr.  ...  to the base of natural logarithms, i.e. 2.718281828459045 c ..  ...  E6) int nmb buffers = e the number of items the buffer can hold e; [1 : nmb buffers] item buffer; int index := 0, exdex := 0; ¢ pointers to items within the buffer ¢ bool work to be done := true,  ... 
doi:10.2307/2528981 fatcat:sgyece5sifdvzagrpkzfthedrm

LogTM: Log-based Transactional Memory

K.E. Moore, J. Bobba, M.J. Moravan, M.D. Hill, D.A. Wood
The Twelfth International Symposium on High-Performance Computer Architecture, 2006.  
LogTM's unique log-based version management combined with innovative sticky states allow it to break this dependence on the cache without adding complex hardware.  ...  Furthermore, transactions may be nested to allow programmers to build thread-safe libraries without exposing implementation details such as locking conventions to higher levels of software.  ...  HTM systems are not only more efficient than STMs, but are more efficient than lock-based synchronization for most applications.  ... 
doi:10.1109/hpca.2006.1598134 dblp:conf/hpca/MooreBMHW06 fatcat:7joai4xgm5b2tbgdgx3vvwxh3q

Parallel and Concurrent Programming in Haskell [chapter]

Simon Marlow
2012 Lecture Notes in Computer Science  
Line 3 sets the buffering mode for the Handle to line-buffering; if we don't do that then output sent to the Handle will be buffered up by the I/O layer until there is a full block (which is more efficient  ...  Communication is implicit in GHC since all tasks share the same heap, and can share objects without restriction.  ...  On the other hand, if we wanted to use a typed channel to send the Ping messages, things get more complicated.  ... 
doi:10.1007/978-3-642-32096-5_7 fatcat:vaj62c3ijre3nof5dchrrlfv4m

Ecological Safety and Economic Profitability of a Recreation Object in the Coast – Sea System
Ekologicheskaya bezopasnost' i ekonomicheskaya rentabel'nost' ob"yekta rekreatsii v sisteme bereg – more

I. E. Timchenko, E. M. Igumnova, A. S. Beskorovayny (Marine Hydrophysical Institute, Russian Academy of Sciences, Sevastopol, Russia)
2020 Ekologicheskaya bezopasnost pribrezhnoy i shel fovoy zon morya  
The model is based on the concept of an environmentally safe stationary state of the marine ecosystem, in which these rates are equal and the risk of infection of vacationers with bacterial, viral and  ...  It is assumed that this risk is proportional to the rate of increase in the concentration of pollution entering the marine environment during delivery of services, and inversely proportional to the rate  ...  But we do recognize limits to protectionism, especially when applied to protect rival goods against competition from non-rival goods.  ... 
doi:10.22449/2413-5577-2020-4-130-143 fatcat:j24l5jjqtrbtfilvceslsnca24