References
- Roemer, R.; Buchanan, E.; Shacham, H. and Savage, S. "Return-oriented programming: Systems, languages, and applications", ACM Transactions on Information and System Security (TISSEC), ACM, 2012.
- c0ntex, "Bypassing non-executable-stack during exploitation using return-to-libc", "http://www.infosecwriters.com/text_ resources/pdf/return-to-libc.pdf"
- Theo de Raadt, "i386 W^X", "http://marc.info/ ?l=openbsdmisc& m=105056000801065"
- Aleph One, "Smashing The Stack For Fun And Profit", Phrack, 7(49), 1996.
- Abadi, M.; Budiu, M.; Erlingsson, &U. and Ligatti, J., "Control-flow integrity principles, implementations, and applications", ACM Trans. Inf. Syst. Secur., ACM, 2009.
- Bletsch, T.; Jiang, X. and Freeh, V., "Mitigating code-reuse attacks with control-flow locking.", Proceedings of the 27th Annual Computer Security Applications Conference, pp.353-362, 2011.
- Zeng, B.; Tan, G. and Morrisett, G., "Combining control-flow integrity and static analysis for efficient and validated data sandboxing", Proceedings of the 18th ACM conference on Computer and communications security, pp.29-40, 2011.
- Visual Studio .Net 2003, "Introduction to Instrumentation and Tracing", http://msdn.microsoft.com/en-us/library/aa983649 (VS.71).aspx
- C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood.., "Pin: Building customized program analysis tools with dynamic instrumentation.", Proceedings of PLDI 2005, pp.190-200, ACM, 2005.
- Francillon, A., Perito D. and Castelluccia, C.,"Defending embedded systems against control flow attacks.", Proceedings of the First ACM Workshop on Secure Execution of Untrusted Code, SecuCode 2009, pp.19-26, ACM, 2009.
- Davi, L.; Sadeghi, A. and Winandy, M., "ROPdefender: A detection tool to defend against return-oriented programming attacks.", Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp.40-51, ACM, 2011.
- Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B. and Xie, L., "DROP: Detecting return-oriented programming malicious code", Information Systems Security, pp.163-177, Springer, 2009.
- Checkoway, S.; Davi, L.; Dmitrienko, A.; Sadeghi, A.; Shacham, H. and Winandy, M., "Return-oriented programming without returns", Proceedings of the 17th ACM conference on Computer and communications security, pp.559-572, ACM, 2010.
- Bletsch, T., Jiang, X., Freeh, V. and Liang, Z., "Jump-oriented programming: A new class of code-reuse attack", Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp.30-40, ACM, 2011.
- Pappas, V., Polychronakis, M. and Keromytis, A., "Smashing the gadgets: Hindering return-oriented programming using in-place code randomization.", Security and Privacy (SP), 2012 IEEE Symposium on, pp.601-615, IEEE, 2012.
- Onarlioglu, K., Bilge, L., Lanzi, A., Balzarotti, D. and Kirda, E., "G-Free: defeating return-oriented programming through gadget-less binaries.", Proceedings of the 26th Annual Computer Security Applications Conference, pp.49-68, USENIX, 2010.
- Tools Interface Standards - TIS: Executable and Linkable Format(ELF), version 1.2. Portable formats specications (1995)
- Standard performance Evaluation Corporation. http://www.spec.org/benchmarks.html
- Jonathan Salwan, "ROPgadget Tool", http://shell-storm.org/project/ROPgadget