, Control-flow integrity principles, implementations, and applications, ACM Transactions on Information and System Security, vol.13, issue.1, pp.1-440, 2009.
DOI : 10.1145/1609956.1609960
, Changes to functionality in windows xp service pack 2 -part 3: Memory protection technologies, 2004.
, Jump-oriented programming, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pp.30-40, 2011.
DOI : 10.1145/1966913.1966919
, Buffer overflows are the top software security vulnerability of the past 25 years, 2013.
, Bypassing 3rd party windows buffer overflow protection, Phrack, issue.11, 2004.
, Return-oriented programming without returns, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, pp.559-572, 2010.
DOI : 10.1145/1866307.1866370
, Non-control-data attacks are realistic threats, SSYM'05, pp.12-12, 2005.
, ROPecker: A Generic and Practical Approach For Defending Against ROP Attacks, Proceedings 2014 Network and Distributed System Security Symposium, 2014.
DOI : 10.14722/ndss.2014.23156
, Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection, Proc. of the 23rd USENIX Conf. on Security, SEC'14, pp.401-416, 2014.
, ROPdefender, Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS '11, pp.40-51, 2011.
DOI : 10.1145/1966913.1966920
, Bypassing pax aslr protection, 2002.
, How not to lie with statistics: the correct way to summarize benchmark results, Communications of the ACM, vol.29, issue.3, pp.218-221, 1986.
DOI : 10.1145/5666.5673
, Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard, Proc. of the 23rd USENIX Conf. on Security Symposium, SEC'14, pp.417-432, 2014.
, Windows isv software security defenses, 2010.
, Practical timing side channel attacks against kernel space aslr. SP '13, pp.191-205, 2013.
, Emerging stack pivoting exploits bypass common security, 2013.
, Pin: building customized program analysis tools with dynamic instrumentation, PLDI '05, pp.190-200, 2005.
, Data execution prevention
, Jump Oriented Programming on Windows Platform (on the x86), Lecture Notes in Computer Science, vol.7335, pp.376-390, 2012.
DOI : 10.1007/978-3-642-31137-6_29
, Smashing the stack for fun and profit, 1996.
, Transparent rop exploit mitigation using indirect branch tracing. SEC'13, pp.447-462, 2013.
, Return-Oriented Programming, ACM Transactions on Information and System Security, vol.15, issue.1, pp.1-2, 2012.
DOI : 10.1145/2133375.2133377
, The geometry of innocent flesh on the bone, Proceedings of the 14th ACM conference on Computer and communications security , CCS '07, pp.552-561, 2007.
DOI : 10.1145/1315245.1315313
, On the effectiveness of address-space randomization, Proceedings of the 11th ACM conference on Computer and communications security , CCS '04, pp.298-307, 2004.
DOI : 10.1145/1030083.1030124
, Transparent runtime shadow stack: Protection against malicious return address modifications
, Practical control flow integrity and randomization for binary executables, SP '13, pp.559-573, 2013.
, Control flow integrity for cots binaries, Proc. of the 22Nd USENIX Conf. on Security, SEC'13, pp.337-352, 2013.