Building Secure Defenses Against Code-Reuse Attacks [electronic resource] /
by Lucas Davi, Ahmad-Reza Sadeghi.
- 1st ed. 2015.
- X, 74 p. 16 illus., 8 illus. in color. online resource.
- SpringerBriefs in Computer Science, 2191-5768 .
- SpringerBriefs in Computer Science, .
Introduction -- Background and Evolution of Code-Reuse Attacks -- Building Control-Flow Integrity Defenses -- Building Code Randomization Defenses -- Discussion and Conclusion.
This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET. Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented. Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.
9783319255460
10.1007/978-3-319-25546-0 doi
Computer science. Computer programming. Programming languages (Electronic computers). Computer security. Computers. Computer Science. Systems and Data Security. Programming Techniques. Programming Languages, Compilers, Interpreters. Information Systems and Communication Service.