Affiliation:
1. Katholieke Universiteit Leuven
Abstract
The lack of memory safety in C/C++ often leads to vulnerabilities.
Code injection attacks
exploit these vulnerabilities to gain control over the execution flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. We provide a comprehensive and structured survey of vulnerabilities and countermeasures that operate at runtime. These countermeasures make different trade-offs in terms of performance, effectivity, compatibility, etc., making it hard to evaluate and compare countermeasures in a given context. We define a classification and evaluation framework on the basis of which countermeasures can be assessed.
Publisher
Association for Computing Machinery (ACM)
Subject
General Computer Science,Theoretical Computer Science
Reference168 articles.
1. Control-flow integrity
2. Preventing Memory Error Exploits with WIT
3. Aleph One. 1996. Smashing the stack for fun and profit. Phrack 49. Aleph One. 1996. Smashing the stack for fun and profit. Phrack 49.
4. Defeating compiler-level buffer overflow protection;Alexander S.;USENIX Mag.,2005
Cited by
38 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. SPP: Safe Persistent Pointers for Memory Safety;2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN);2024-06-24
2. HyperPUT: generating synthetic faulty programs to challenge bug-finding tools;Empirical Software Engineering;2024-01-15
3. SysPart: Automated Temporal System Call Filtering for Binaries;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15
4. SysXCHG: Refining Privilege with Adaptive System Call Filters;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15
5. Building Dynamic System Call Sandbox with Partial Order Analysis;Proceedings of the ACM on Programming Languages;2023-10-16