[1] |
FRANZ M , . E unibus pluram:massive-scale software diversity as a defense mechanism[C]// Proceedings of the 2010 New Security Paradigms Workshop. 2010: 7-16.
|
[2] |
LARSEN P , HOMESCU A , Brunthaler S ,et al. SoK:automated software diversity[C]// Proceedings of 2014 IEEE Symposium on Security and Privacy. 2014: 276-291.
|
[3] |
COHEN F B . Operating system protection through program evolution[J]. Comput Secur, 1993,12(6): 565-584.
|
[4] |
MARCO-GISBERT H , RIPOLL I . On the effectiveness of full-ASLR on 64-bit Linux[C]// Proceedings of the In-Depth Security Conference. 2014.
|
[5] |
JACKSON T , SALAMAT B , HOMESCU A ,et al. Compiler-generated software diversity[M]// Moving Target Defense. New York: Springer, 2011: 77-98.
|
[6] |
HISER J , NGUYEN-TUONG A , CO M ,et al. ILR:where'd my gadgets go[C]// Proceedings of 2012 IEEE Symposium on Security and Privacy. 2012: 571-585.
|
[7] |
COFFMAN J , KELLY D M , WELLONS C C ,et al. ROP gadget prevalence and survival under compiler-based binary diversification schemes[C]// Proceedings of the 2016 ACM Workshop on Software PROtection. 2016: 15-26.
|
[8] |
CONTI M , . Selfrando:securing the tor browser against de- anonymization exploits[C]// Proceedings of Priv Enhancing Technol. 2016: 454-469.
|
[9] |
JUNOD P , RINALDINI J , WEHRLI J ,et al. Obfuscator-LLVM--software protection for the masses[C]// Proceedings of 2015 IEEE/ACM 1st International Workshop on Software Protection. 2015: 3-9.
|
[10] |
BANESCU S , COLLBERG C , PRETSCHNER A . Predicting the resilience of obfuscated code against symbolic execution attacks via machine learning[C]// Proceedings of 26th USENIX Security Symposium (USENIX Security 17). 2017: 661-678.
|
[11] |
WENZL M , MERZDOVNIK G , ULLRICH J ,et al. From hack to elaborate technique—a survey on binary rewriting[J]. ACM Computing Surveys (CSUR), 2019,52(3): 1-37.
|
[12] |
HOMESCU A , NEISIUS S , LARSEN P ,et al. Profile-guided automated software diversity[C]// Proceedings of the 2013 IEEE/ACM Interna-tional Symposium on Code Generation and Optimization (CGO). 2013: 1-11.
|
[13] |
MURPHY M , LARSEN P , BRUNTHALER S ,et al. Software profiling options and their effects on security based diversification[C]// Proceedings of the First ACM Workshop on Moving Target Defense. 2014: 87-96.
|
[14] |
HOMESCU A , JACKSON T , CRANE S ,et al. Large-scale automated software diversity-program evolution redux[J]. IEEE Transactions on Dependable and Secure Computing, 2015,14(2): 158-171.
|
[15] |
KRAHMER S . x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique[R]. 2005.
|
[16] |
彭国军, 梁玉, 张焕国 ,等. 软件二进制代码重用技术综述[J]. 软件学报, 2017,28(8): 2026-2045.
|
|
PENG G J , LIANG Y , ZHANG H G ,et al. Survey on software binary code reuse technologies[J]. Journal of Software, 2017,28(8): 2026-2045.
|
[17] |
DAVI L , SADEGHI A R . Building secure defenses against code-reuse attacks[M]. Berlin: Springer International Publishing, 2015.
|
[18] |
柳童, 史岗, 孟丹 . 代码重用攻击与防御机制综述[J]. Journal of信息安全学报, 2016,1(2).
|
|
LIU T , SHI G , MENG D . A survey of code reuse attack and defense mechanisms[J]. Journal of Cyber Security, 2016,1(2).
|
[19] |
AHMED S , XIAO Y , SNOW K Z ,et al. Methodologies for quantifying (Re-) randomization security and timing under JIT-ROP[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020: 1803-1820.
|
[20] |
侯宇 . 基于动态随机化和只可执行内存的JIT-ROP防御研究[D]. 南京:南京大学, 2016.
|
|
HONG Y . Defence aginst JIT-ROP based on dynamic randomization and executable only memory[D]. Nanjing:Nanjing University, 2016.
|
[21] |
WILLIAMS-KING D , KOBAYASHI H , WILLIAMS-KING K ,et al. Egalito:layout-agnostic binary recompilation[C]// Proceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems. 2020: 133-147.
|
[22] |
LUK C K , COHN R , MUTH R ,et al. Pin:building customized program analysis tools with dynamic instrumentation[J]. ACM Sigplan Notices, 2005,40(6): 190-200.
|
[23] |
CHATTERJEE N , BOSE S , DAS P P . Dynamic weaving of aspects in C/C++ using PIN[C]// Proceedings of the International Conference on High Performance Compilation,Computing and Communications. 2017: 55-59.
|
[24] |
陈小全, 薛锐 . 程序漏洞:原因,利用与缓解——以 C 和 C++语言为例[J]. 信息安全学报, 2017,2(4).
|
|
CHEN X Q , XUE R . Cause,exploitation and mitigation of program vulnerability—C and C++ language as an example[J]. Journal of Cyber Security, 2017,2(4).
|
[25] |
MARCO-GISBERT H , RIPOLL I . Address space layout randomization next generation[J]. Applied Sciences, 2019,9(14): 2928.
|
[26] |
GUIDE P . Intel? 64 and ia-32 architectures software developer’s manual[J]. Volume 3B:System programming Guide,Part, 2011,2(11).
|
[27] |
PRIYADARSHAN S , NGUYEN H , SEKAR R . Practical fine-grained binary code randomization[C]// Proceedings of Annual Computer Security Applications Conference. 2020: 401-414.
|
[28] |
SALWAN J , WIRTH A . ROPGadget[EB].
|
[29] |
COPPENS B , DE SUTTER B , DE BOSSCHERE K . Protecting your software updates[J]. IEEE Security & Privacy, 2012,11(2): 47-54.
|
[30] |
WARTELL R , MOHAN V , HAMLEN K W ,et al. Binary stirring:self-randomizing instruction addresses of legacy X86 binary code[C]// Proceedings of the 2012 ACM Conference on Computer and Communications Security. 2012: 157-168.
|