1 |
Aleph. One, "Smashing The Stack For Fun And Profit," Phrack49, 1996.
|
2 |
Pax Project, "address space layout rando mization" http://pax.grsecurity.net/docs/aslr.txt, 2003.
|
3 |
Microsoft TechNet, "데이터 실행 방지, "http://technet.microsoft.com/ko-kr/lib rary/cc738483(WS.10).aspx.
|
4 |
C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. "Stack-Guard:Automatic adaptive detection and prevention of bufferoverflow attacks," Proceedings of the 7th USENIX Security Conference, pp. 63-78, Jan 1998.
|
5 |
Arjan van de Ven, ""New security Enhancements in Red Hat Enterprise Linux v.3, update 3"," Red Hat, 2004.
|
6 |
Nergal, "The advanced return-into-lib(c) exploits (Pax case study), "http://www.phrack.org/issues.html?issue=58&id=4&mode=txt, Dec 2001.
|
7 |
H. Shacham, "The Geometry of Innocent Flesh on the Bone: Return-Into-Libc without Function Calls (on the x86)," Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552-561, Oct 2007.
|
8 |
Piotr Bania, "Security Mitigations for Return-Oriented Programming Attacks," http://piotrbania.com/all/articles/pbania_rop_mitigations2010.pdf, 2010.
|
9 |
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, and Engin Kirda, "G-Free : defeating return-oriented programming through gadget-less binaries," Proceedings of the ACSAC'10, Annual Computer Security Applications Conference, pp. 49-58, Dec 2010.
|
10 |
P. Chen, H. Xiao, X. Shen, X. Yin, B. Mao, and L. Xie, "Drop: Detecting returnoriented programming malicious code," Proceedings of the 5th International Conference on Information Systems Security, LNCS 5905, pp. 163-177, 2009.
|
11 |
Lucas Davi, Ahmad-Reza Sadeghi and Marcel Winandy, "ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks," HGI-TR-2010-001, Ruhr University Bochum, 2010.
|
12 |
S. Checkoway, L. Davi, A. Dmitrienko, A.-R. Sadeghi, H. Shacham, and M. Winandy, "Return-oriented programming without returns," Proceedings of the ACM Conference on Computer and Communications Security, pp. 559-572, 2010.
|
13 |
T. Bletsch, X. Jiang and V. Freeh, "Jump-Oriented Programming: A New Class of Code-Reuse Attack," TR-2010-8, North Carolina State University, 2010.
|
14 |
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, GeoLowney, Steven Wallace, Vijay J. Reddi, and Kim Hazelwood, "Pin: Building customized program analysis tools with dynamic instrumentation," Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, pp. 190-120, 2005.
|
15 |
Mehmet Kayaalp, "Example Jump-Oriented Programming Attack," http://cs.binghamton.edu/-mkayaalp/jop.html, 2012.
|