[1] |
BIRMAN K P , SCHNEIDER F B . The monoculture risk put into context[J]. IEEE Security & Privacy, 2009,7(1): 14-17.
|
[2] |
SHACHAM H . The geometry of innocent flesh on the bone:return-into-libc without function calls (on the x86)[C]// Proceedings of the 14th ACM Conference on Computer and Communications Security. 2007: 552-561.
|
[3] |
CARLINI N , WAGNER D . ROP is still dangerous:breaking modern defenses[C]// Proceedings of 23rd USENIX Security Symposium (USENIX Security 14). 2014: 385-399.
|
[4] |
CHECKOWAY S , DAVI L , DMITRIENKO A ,et al. Return-oriented programming without returns[C]// Proceedings of the 17th ACM Conference on Computer and Communications Security- CCS '10. 2010: 559-572.
|
[5] |
SNOW K Z , MONROSE F , DAVI L ,et al. Just-in-time code reuse:on the effectiveness of fine-grained address space layout randomization[C]// Proceedings of 2013 IEEE Symposium on Security and Privacy. 2013: 574-588.
|
[6] |
LARSEN P , HOMESCU A , BRUNTHALER S ,et al. SoK:automated software diversity[C]// Proceedings of 2014 IEEE Symposium on Security and Privacy. 2014: 276-291.
|
[7] |
BAUDRY B , MONPERRUS M . The multiple facets of software diversity[J]. ACM Computing Surveys, 2015,48(1): 1-26.
|
[8] |
PAX T . PaX address space layout randomization (ASLR)[R]. 2003.
|
[9] |
CRANE S , LIEBCHEN C , HOMESCU A ,et al. Readactor:practical code randomization resilient to memory disclosure[C]// Proceedings of 2015 IEEE Symposium on Security and Privacy. 2015: 763-780.
|
[10] |
YAO D D , SHU X K , CHENG L ,et al. Anomaly detection as a service:challenges,advances,and opportunities[J]. Synthesis Lectures on Information Security,Privacy,and Trust, 2017,9(3): 1-173.
|
[11] |
GRIER C , BALLARD L , CABALLERO J ,et al. Manufacturing compromise:the emergence of exploit-as-a-service[C]// Proceedings of the 2012 ACM Conference on Computer and Communications Security. 2012: 821-832.
|
[12] |
GEARHART A S , HAMILTON P A , COFFMAN J . An analysis of automated software diversity using unstructured text analytics[C]// Proceedings of 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). 2018: 79-80.
|
[13] |
LE Q , MIKOLOV T . Distributed representations of sentences and documents[C]// Proceedings of International Conference on Machine Learning. 2014: 1188-1196.
|
[14] |
COFFMAN J , KELLY D M , WELLONS C C ,et al. ROP gadget prevalence and survival under compiler-based binary diversification schemes[C]// Proceedings of the 2016 ACM Workshop on Software PROtection. 2016: 15-26.
|
[15] |
HOMESCU A , NEISIUS S , LARSEN P ,et al. Profile-guided automated software diversity[C]// Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO). 2013: 1-11.
|
[16] |
熊浩, 晏海华, 郭涛 ,等. 代码相似性检测技术:研究综述[J]. 计算机科学, 2010,37(8): 9-14,76.
|
|
XIONG H , YAN H H , GUO T ,et al. Code similarity detection:a survey[J]. Computer Science, 2010,37(8): 9-14,76.
|
[17] |
KRINKE J . Identifying similar code with program dependence graphs[C]// Proceedings of Eighth Working Conference on Reverse Engineering. 2001: 301-309.
|
[18] |
BAKER B S . A program for identifying duplicated code[J]. Computing Science and Statistics, 1993: 49-49.
|
[19] |
ENGELS S , LAKSHMANAN V , CRAIG M . Plagiarism detection using feature-based neural networks[C]// Proceedings of the 38th SIGCSE Technical Symposium on Computer Science Education. 2007: 34-38.
|
[20] |
ZHANG L , ZHUANG Y T , YUAN Z M . A program plagiarism detection model based on information distance and clustering[C]// Proceedings of 2007 International Conference on Intelligent Pervasive Computing (IPC 2007). 2007: 431-436.
|
[21] |
PRIYADARSHAN S , NGUYEN H , SEKAR R . Practical fine-grained binary code randomization[C]// Proceedings of Annual Computer Security Applications Conference, 2020: 401-414.
|
[22] |
刘镇武, 隋然, 张铮 ,等. 基于信息熵与软件复杂度的软件多样性评估方法[J]. 信息工程大学学报, 2020,21(2): 207-213.
|
|
LIU Z W , SUI R , ZHANG Z ,et al. Software diversity evaluation method based on information entropy and software complexity[J]. Journal of Information Engineering University, 2020,21(2): 207-213.
|
[23] |
BALACHANDRAN V , EMMANUEL S . Software protection with obfuscation and encryption[C]// Proceedings of Information Security Practice and Experience. 2013: 309-320.
|
[24] |
BANESCU S , COLLBERG C , GANESH V ,et al. Code obfuscation against symbolic execution attacks[C]// Proceedings of the 32nd Annual Conference on Computer Security Applications. 2016: 189-200.
|
[25] |
KELLY D M , WELLONS C C , COFFMAN J ,et al. Automatically validating the effectiveness of software diversity schemes[C]// Proceedings of 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks–Supplemental Volume (DSN-S). 2019: 1-2.
|
[26] |
AHMED S , XIAO Y , SNOW K Z ,et al. Methodologies for quantifying (Re-) randomization security and timing under JIT-ROP[C]// Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 2020: 1803-1820.
|
[27] |
FOLLNER A , BARTEL A , BODDEN E . Analyzing the gadgets[C]// Proceedings of International Symposium on Engineering Secure Software and Systems. 2016: 155-172.
|
[28] |
ROEMER R , BUCHANAN E , SHACHAM H ,et al. Return-oriented programming:systems,languages,and applications[J]. ACM Transactions on Information and System Security, 2012,15(1): 1-34.
|
[29] |
DAI Z D . Practical return-oriented programming[J]. Source Boston, 2010.
|
[30] |
HOMESCU A , STEWART M , LARSEN P ,et al. Microgadgets:size does matter in turing-complete return-oriented programming[J]. WOOT, 2012,12: 64-76.
|
[31] |
DOLAN S . MOV is turing-complete (2013)[EB].
|
[32] |
HAWKINS W H , HISER J D , CO M ,et al. Zipr:efficient static binary rewriting for security[C]// Proceedings of 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). 2017: 559-566.
|
[33] |
KOO H , CHEN Y H , LU L ,et al. Compiler-assisted code randomization[C]// Proceedings of 2018 IEEE Symposium on Security and Privacy. 2018: 461-477.
|
[34] |
CONTI M , CRANE S , FRASSETTO T ,et al. Selfrando:securing the tor browser against de-anonymization exploits[J]. Proc Priv Enhancing Technol, 2016(4): 454-469.
|
[35] |
JUNOD P , RINALDINI J , WEHRLI J ,et al. Obfuscator-LLVM:software protection for the masses[C]// Proceedings of 2015 IEEE/ACM 1st International Workshop on Software Protection. 2015: 3-9.
|
[36] |
PORTER C , MURURU G , BARUA P ,et al. BlankIt library debloating:getting what You want instead of cutting what you don’t[C]// Proceedings of PLDI 2020:Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation. 2020: 164-180.
|
[37] |
MISHRA S , POLYCHRONAKIS M . Saffire:context-sensitive function specialization against code reuse attacks[C]// Proceedings of 2020 IEEE European Symposium on Security and Privacy (EuroS&P). 2020: 17-33.
|