1 |
S. Checkoway, L. Davi, A. Dmitrienko, A.-R. Sadeghi, H. Shacham, and M. Winandy, "Return-oriented programming without returns", CCS 2010, 2010
|
2 |
H. Shacham. "The Geometry of Innocent Flesh on the Bone: Return-Into-Libc without Function Calls (on the x86)", the 14th ACM Conference on Computer and Communications Security, 2007 DOI: http://dx.doi.org/10.1145/1315245.1315313
DOI
|
3 |
Pax Project, "address space layout randomization", http://pax.grsecurity.net/docs/aslr.txt, 2003
|
4 |
Ju-Hyuk Kim, Jin-Ho Choi, Yo-Ram Lee, Soo-Hyun Oh, "Study on Return-Oriented Programming in Mac OSX", CISC-W 2011, pp. 146-149, 2011
|
5 |
T. Bletsch, X. Jiang, V. Freeh, "Jump-Oriented Programming: A New Class of Code-Reuse Attack", In CSC Technical Report TR-2010-8, NCSU, 2010
|
6 |
Piotr Bania, "Security Mitigations for Return-Oriented Programming Attacks", http://piotrbania.com/all/articles/pbania_rop_mitigations2010.pdf, 2010
|
7 |
Kaan Onarlioglu, Leyla Bilge, Andrea Lanzi, Davide Balzarotti, and Engin Kirda. G-Free : defeating return-oriented programming through gadget-less binaries. In ACSAC'10, Annual Computer Security Applications Conference, 2010.
|
8 |
P. Chen, H. Xiao, X. Shen, X. Yin, B. Mao, and L. Xie. Drop: Detecting return-oriented programming malicious code. In Lecture Notes in Computer Science, 2009.
|
9 |
Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy, "ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks", Technical Report HGI-TR-2010-001, 2010.
|
10 |
Ju-Hyuk Kim, Yo-Ram Lee, Soo-Hyun Oh, "A detection mechanism for Jump-Oriented Programming at binary level", Journal of The Korea Institute of Information Securoty & Cryptography, vol. 22 No. 5, pp. 1069-1078, 2012.
과학기술학회마을
|
11 |
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, GeoLowney, Steven Wallace, Vijay J. Reddi, and Kim Hazelwood. Pin: Building customized program analysis tools with dynamic instrumentation. In PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, volume 40, pages 190-200, New York, NY, USA, 2005
|
12 |
Mehmet Kayaalp, "Example Jump-Oriented Programming Attack", http://cs.binghamton.edu/-mkayaalp/jop.html, 2012
|
13 |
Aleph. One. "Smashing The Stack For Fun And Profit", Phrack49, 1996
|
14 |
Microsoft TechNet, "Data Execution Prevention", http://technet.microsoft.com/ko-kr/library/cc738483 (WS.10).aspxc0ntex, "Bypassing non-executable stack during exploitation using return-to-libc", http://www.infosecwriters.com/text/resources/pdf/ return-to-libc.pdf
|