Abstract
Computing platforms have become an integral part of our society over the last few decades. The landscape of computing platforms is highly diverse: starting from desktop PCs and laptops for end-users, powerful workstations used to perform highly complex calculations (e.g., weather calculations), web servers that need to simultaneously handle thousands of incoming requests, smartphones and tablets enabling on-the-road data access, up to tiny embedded devices deployed in sensors, cars, electronic passports, and medical devices.
Keywords
- Electronic Passports
- Powerful Workstations
- Code-reuse Attacks
- Return-oriented Programming
- Malicious Code Injection
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2015 The Author(s)
About this chapter
Cite this chapter
Davi, L., Sadeghi, AR. (2015). Introduction. In: Building Secure Defenses Against Code-Reuse Attacks. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-25546-0_1
DOI: https://doi.org/10.1007/978-3-319-25546-0_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25544-6
Online ISBN: 978-3-319-25546-0
eBook Packages: Computer Science, Computer Science (R0)