연구동향 분석
박사

Code transformation techniques to enforce security policies for memory protection

신장섭 2020년

논문상세정보
인용/피인용
' Code transformation techniques to enforce security policies for memory protection' 의 주제별 논문영향력
논문영향력 선정 방법
논문영향력 요약
주제
  • 응용 물리
  • 메모리 보호
  • 컴퓨터보안
  • 코드 변환
동일주제 총논문수 논문피인용 총횟수 주제별 논문영향력의 평균
4,662 0

0.0%

' Code transformation techniques to enforce security policies for memory protection' 의 참고문헌

  • unix-like reverse engineering framework and commandline tools
  • krˆx : Comprehensive kernel protection against just-in-time code reuse .
    pages 420–436 . ACM [2017]
  • executable-only-memory-switch ( xom-switch )
    [2018]
  • [9] Zelalem Birhanu Aweke and Todd Austin. usfi: Ultra-lightweight software fault isolation for iot-class devices. In 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE), pages 1015–1020. IEEE, 2018.
  • [95] Sherri Sparks and Jamie Butler. Shadow walker: Raising the bar for rootkit detection. Black Hat Japan, 11(63):504–533, 2005.
  • [8] Atmel. Atmel-11057c-atarm-sam3x-sam3a-datasheet, 2015.
  • [7] ARM. Embedded Trace Macrocell Architecture Specification, 2011.
  • [76] ODROID. smart-power. https://wiki.odroid.com/old_product/ accessory/odroidsmartpower.
  • [75] Gene Novark and Emery D Berger. Dieharder: securing the heap. In Proceedings of the 17th ACM conference on Computer and communications security, pages 573–584. ACM, 2010.
  • [74] Gor V Nishanov and Sibylle Schupp. Garbage collection in generic libraries. ACM SIGPLAN Notices, 34(3):86–96, 1999.
  • [70] Gleb Naumovich and Nasir Memon. Preventing piracy, reverse engineering, and tampering. Computer, 36(7):64–71, 2003.
  • [6] ARM. The mebed os uvisor. https://www.mbed.com/en/ technologies/security/uvisor/.
  • [5] Arduino. arduino-due. https://store.arduino.cc/usa/ arduino-due.
  • [56] Roland Buschkes Pavel Laskov. Detection of intrusions and malware & vulner- ¨ ability assessment. 2006.
  • [49] IAR. Execute in ram after copying from flash or rom. https://www.iar.com/support/tech-notes/general/ execute-in-ram-after-copying-from-flashrom-v5. 20-and-later/.
  • [47] ARM Holdings. Armv7-m architecture reference manual, 2010.
  • [40] Sanjay Ghemawat and Paul Menage. Tcmalloc: Thread-caching malloc, 2007. URL {http://goog-perftools. sourceforge. net/doc/tcmalloc. html}, 2005.
  • [2] Periklis Akritidis. Cling: A memory allocator to mitigate dangling pointers. In USENIX Security Symposium, pages 177–192, 2010.
  • [1] the heartbleed bug. http://heartbleed.com/.
  • [109] I Xilinx. Microblaze processor reference guide v13. 4. reference manual, 2011.
  • You can run but you can ’ t read : Prevent¨ ing disclosure exploits in executable code .
    pages 1342– 1353 [2014]
  • Watchdoglite : Hardware-accelerated compiler-based pointer checking . In Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
    page 175 [2014]
  • Watchdog : Hardware for safe and secure manual memory management and full memory safety . In ACM SIGARCH Computer Architecture News
    volume 40 , pages 189–200 [2012]
  • Vuzzer : Application-aware evolutionary fuzzing
    volume 17 , pages 1–14 , [2017]
  • Uniprocessor garbage collection techniques . In Memory Management
    pages 1–42 [1992]
  • Undangle : early detection of dangling pointers in use-after-free and double-free vulnerabilities .
    [2012]
  • Tresor runs encryption ¨ securely outside ram
    volume 17 [2011]
  • The parsec benchmark suite : Characterization and architectural implications
    [2008]
  • The inlined reference monitor approach to security policy ´ enforcement
    [2003]
  • Technical report , Technical Report TR2008-120
    Cited on [2008]
  • SpecCpu2006 benchmark descriptions
    34 ( 4 ) :1–17 [2006]
  • Spatio-temporalContext reduction : A pointer-analysis-based static approach for detecting use-after-free vulnerabilities .
    [2018]
  • Sok : Automated software diversity
    [2014]
  • Software vulnerability exploitation trends
    [2013]
  • Softbound : HighlyCompatible andComplete spatial memory safety forC. ACM Sigplan Notices
    44 ( 6 ) :245–258 [2009]
  • Shuffler : Fast and deployableContinuousCode rerandomization .
    { OSDI } 16 ) , pages 367–382 , [2016]
  • Securing real-time microcontroller systems throughCustomized memory view switching
    [2018]
  • Secure program execution via dynamic information flow tracking
    volume 38 , pages 85–96 . ACM [2004]
  • Secure and efficient application monitoring and replication
    { USENIX } { ATC } 16 ) , pages 167–179 , [2016]
  • Riot os : Towards an os for the internet of things
    [2013]
  • Rifle : An architectural framework for user-centric informationflow security . In Microarchitecture
  • Readactor : PracticalCode randomization resilient to memory disclosure
    [2015]
  • Raksha : a flexible information flow architecture for software security .
    volume 35 , pages 482–493 . ACM [2007]
  • Quantifying the performance of garbageCollection vs. explicit memory management
    volume 40 , pages 313–326 . ACM [2005]
  • Protecting bare-metal embedded systems with privilege overlays .
    [2017]
  • Program-adaptive mutational fuzzing
    pages 725– 741 [2015]
  • Preventing use-after-free with dangling pointers nullification
    [2015]
  • Preventing memory error exploits with wit
    [2008]
  • Preventing kernelCode-reuse attacks through disclosure resistantCode diversification .
    [2016]
  • Precise garbageCollection forC. In Proceedings of the 2009 international symposium on Memory management
    pages 39–48 . ACM [2009]
  • Pointer provenance in aCapability architecture .
    [2018]
  • Panorama : capturing system-wide information flow for malware detection and analysis
    [2007]
  • Oxymoron : Making fine-grained mem- ¨ ory randomization practical by allowing code sharing .
    [2014]
  • Operating system controlled processor-memory bus encryption
    DATE ’ 08 , pages 1154–1159 [2008]
  • On the type accuracy of garbage collection
    36 ( 1 ) :1–11 [2001]
  • Norax : Enabling execute-only memory for cots binaries on aarch64
    [2017]
  • No need to hide : Protecting safe regions on commodity hardware
    [2017]
  • Native client : A sandbox for portable , untrusted x86 native code
    [2009]
  • Modern C++ design : generic programming and design patterns applied
    [2001]
  • Metalloc : Efficient and comprehensive metadata management for software security hardening
    [2016]
  • Memsafe : ensuring the spatial and temporal memory safety of c at runtime . Software : Practice and Experience
    43 ( 1 ) :93–128 [2013]
  • Lift : A low-overhead practical information flow tracking sys126tem for detecting security attacks
  • Leakage-resilient layout randomization for mobile devices
    [2016]
  • Language-based information-flow security . Selected Areas in Communications
    21 ( 1 ) :5–19 [2003]
  • K-miner : Uncovering memory corruption in linux
    [2018]
  • Just-in-time code reuse : On the effectiveness of fine-grained address space layout randomization
    [2013]
  • Isomeron : Code randomization resilient to ( just-in-time ) return-oriented programming
    [2015]
  • Introducing arm cortex-m23 and cortex-m33 processors with trustzone for armv8-m
    [2016]
  • In Proceedings of the 6th international symposium on Memory management
    pages 2–14 . ACM [2007]
  • In Pro Objective-C
    pages 53–74 [2013]
  • In International Conference on Detection of Intrusions and Malware , and Vulnerability Assessment
    pages 1–22 [2008]
  • In C++ 17 Quick Syntax Reference
    pages 157–160 [2018]
  • In 11th USENIX Symposium on Operating Systems Design and Implementation
    OSDI 14 ) , pages 147–163 [2014]
  • IAS (2011), IFRS 13 Fair Value Measurement, effective 2013.
  • How to shadow every byte of memory used by a program
    [2007]
  • Hids : A host based intrusion detection system for cloud computing environment
    9 ( 3 ) :567–576 [2018]
  • Hidem : Protecting the contents of userspace memory in the face of disclosure vulnerabilities
    [2015]
  • Heaprevolver : Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks
    [2016]
  • Heap feng shui in javascript
    [2007]
  • Hdfi : Hardware-assisted dataflow isolation
    [2016]
  • Hardware assisted randomization of data . In International Symposium on Research in Attacks , Intrusions , and Defenses
    pages 337–358 [2018]
  • From collision to exploitation : Unleashing use-after-free vulnerabilities in linux kernel .
    [2015]
  • Freesentry : protecting against use-after-free vulnerabilities due to dangling pointers
    [2015]
  • Freeguard : A faster secure heap allocator
    pages 2389– 2403 [2017]
  • Fie on firmware : Finding vulnerabilities in embedded systems using symbolic execution .
    pages 463–478 , [2013]
  • Extrax : Security extention to extract cache resident information for snoop-based external monitors .
    [2015]
  • Exoshim : Preventing memory disclosure using execute-only kernel code .
    pages 56– 66 [2016]
  • Execution leases : A hardware-supported mechanism for enforcing strong non-interference .
    [2009]
  • Engineering heap overflow exploits with javascript
    [2008]
  • Enforcing kernel security invariants with data flow integrity
    [2016]
  • Efficient software-based fault isolation
    27 ( 5 ) :203–216 [1994]
  • Efficient dynamic information flow tracking on a processor with core debug interface
    [2015]
  • Dynamic taint analysis for automatic detection , analysis , and signature generation of exploits on commodity software
    volume 5 , pages 3–4 . Citeseer [2005]
  • Dynamic spyware analysis
    pages 233–246 [2007]
  • Dta++ : Dynamic taint analysis with targeted control-flow propagation .
    [2011]
  • Driller : Augmenting fuzzing through selective symbolic execution .
    volume 16 , pages 1–16 , [2016]
  • Diehard : probabilistic memory safety for unsafe languages .
    volume 41 , pages 158–168 . ACM [2006]
  • Design principles for tamper-resistant ¨ smartcard processors
    [1999]
  • Dangsan : Scalable use-after-free detection
    [2017]
  • Control flow integrity for { COTS } binaries
    [2013]
  • Complete information flow tracking from the gates up
    volume 44 , pages 109–120 . ACM [2009]
  • Cets : compiler enforced temporal safety for c. In ACM Sigplan Notices
    volume 45 , pages 31–40 . ACM [2010]
  • Beebs : Open benchmarks for energy measurements on embedded platforms
    [2013]
  • Avrand : a software-based defense against code reuse attacks for avr ´ embedded devices
    [2016]
  • Armv8-m architecture reference manual
    [2017]
  • Architecture for data-centric security
    [2012]
  • Architectural support for copy and tamper resistant software
    35 ( 11 ) :168–177 [2000]
  • Addresssanitizer : A fast address sanity checker .
    pages 309–318 [2012]
  • Adaptive compiler strategies for mitigating timing side channel attacks
    [2017]
  • Adapting software fault isolation to contemporary cpu architectures
    pages 1–12 [2010]
  • Aces : Automatic compartments for embedded systems
    [2018]
  • A tough call : Mitigating advanced code-reuse attacks at the binary level .
    [2016]
  • A software-hardware architecture for self-protecting data
    [2012]
  • A practical page-permissions-based scheme for thwarting dangling pointers
    [2017]
  • A lifetime-based garbage collector for lisp systems on general-purpose computers
    [1988]
  • A garbage collector for c and c++
    [2002]