Control-flow integrity principles, implementations, and applications, ACM Transactions on Information and System Security, vol.13, issue.1, pp.1-440, 2009. ,
DOI : 10.1145/1609956.1609960
Changes to functionality in windows xp service pack 2 -part 3: Memory protection technologies, 2004. ,
Jump-oriented programming, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pp.30-40, 2011. ,
DOI : 10.1145/1966913.1966919
Buffer overflows are the top software security vulnerability of the past 25 years, 2013. ,
Bypassing 3rd party windows buffer overflow protection, Phrack, issue.11, 2004. ,
Return-oriented programming without returns, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.559-572, 2010. ,
DOI : 10.1145/1866307.1866370
Non-control-data attacks are realistic threats, SSYM'05, pp.12-12, 2005. ,
ROPecker: A Generic and Practical Approach For Defending Against ROP Attacks, Proceedings 2014 Network and Distributed System Security Symposium, 2014. ,
DOI : 10.14722/ndss.2014.23156
Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection, Proc. of the 23rd USENIX Conf. on Security, SEC'14, pp.401-416, 2014. ,
ROPdefender, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pp.40-51, 2011. ,
DOI : 10.1145/1966913.1966920
Bypassing pax aslr protection, 2002. ,
How not to lie with statistics: the correct way to summarize benchmark results, Communications of the ACM, vol.29, issue.3, pp.218-221, 1986. ,
DOI : 10.1145/5666.5673
Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard, Proc. of the 23rd USENIX Conf. on Security Symposium, SEC'14, pp.417-432, 2014. ,
Windows isv software security defenses, 2010. ,
Practical timing side channel attacks against kernel space aslr. SP '13, pp.191-205, 2013. ,
Emerging stack pivoting exploits bypass common security, 2013. ,
Pin: building customized program analysis tools with dynamic instrumentation, PLDI '05, pp.190-200, 2005. ,
Data execution prevention ,
Jump Oriented Programming on Windows Platform (on the x86), Lecture Notes in Computer Science, vol.7335, pp.376-390, 2012. ,
DOI : 10.1007/978-3-642-31137-6_29
Smashing the stack for fun and profit, 1996. ,
Transparent rop exploit mitigation using indirect branch tracing. SEC'13, pp.447-462, 2013. ,
Return-Oriented Programming, ACM Transactions on Information and System Security, vol.15, issue.1, pp.1-2, 2012. ,
DOI : 10.1145/2133375.2133377
The geometry of innocent flesh on the bone, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.552-561, 2007. ,
DOI : 10.1145/1315245.1315313
On the effectiveness of address-space randomization, Proceedings of the 11th ACM conference on Computer and communications security , CCS '04, pp.298-307, 2004. ,
DOI : 10.1145/1030083.1030124
Transparent runtime shadow stack: Protection against malicious return address modifications ,
Practical control flow integrity and randomization for binary executables, SP '13, pp.559-573, 2013. ,
Control flow integrity for cots binaries, Proc. of the 22Nd USENIX Conf. on Security, SEC'13, pp.337-352, 2013. ,