Defending against heap overflow by using randomization in nested virtual clusters

Defending against heap overflow by using randomization in nested virtual clusters

Heap based buffer overflows are a dangerous class of vulnerability. One countermeasure is randomizing the location of heap memory blocks. Existing techniques segregate the address space into clusters, each of which is used exclusively for one block size. This approach requires a large amount of addr...

Full description

Saved in:

Bibliographic Details
Main Authors:	TEY, Chee Meng, GAO, Debin
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2013
Subjects:	Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/2036 https://ink.library.smu.edu.sg/context/sis_research/article/3035/viewcontent/icics13.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Concolic testing heap-manipulating programs
by: PHAM, Long H., et al.
Published: (2019)

Defending against Packet Injection Attacks in Unreliable Ad Hoc Networks
by: GU, Qijun, et al.
Published: (2005)

Defending against Additive Attacks with Maximal Errors in Watermarking Relational Databases
by: LI, Yingjiu, et al.
Published: (2004)

ROPecker: A Generic and Practical Approach For Defending Against ROP Attack
by: CHENG, Yueqiang, et al.
Published: (2014)

Defending against redirect attacks in mobile IP
by: DENG, Robert H., et al.
Published: (2002)

I Can Be You: Questioning the Use of Keystroke Dynamics as Biometrics
by: TEY, Chee Meng, et al.
Published: (2013)

Defending against cross site scripting attacks
by: SHAR, Lwin Khin, et al.
Published: (2011)

Enhancing symbolic execution of heap-based programs with separation logic for test input generation
by: PHAM, Long H., et al.
Published: (2019)

Chosen-instruction attack against commercial code virtualization obfuscators
by: LI, Shijia, et al.
Published: (2022)

Defending Singapore Against Foreign Interference
by: Muhammad Faizal Abdul Rahman
Published: (2019)

Compositional verification of heap-manipulating programs through property-guided learning
by: PHAM, Long H., et al.
Published: (2019)

Keystroke Timing Analysis of on-the-fly Web Apps
by: TEY, Chee Meng, et al.
Published: (2013)

Keystroke Biometrics: The User Perspective
by: Tey, Chee Meng, et al.
Published: (2014)

Fighting Coercion Attacks in Key Generation using Skin Conductance
by: GUPTA, Payas, et al.
Published: (2010)

To detect stack buffer overflow with polymorphic canaries
by: WANG, Zhilong, et al.
Published: (2018)

Launching Return-Oriented Programming Attacks against Randomized Relocatable Executables
by: LIU, Limin, et al.
Published: (2011)

Distinguishing between FE and DDoS using Randomness Check
by: PARK, Hyundo, et al.
Published: (2008)

On Challenges in Evaluating Malware Clustering
by: LI, Peng, et al.
Published: (2010)

Keystroke biometrics: The user perspective
by: TEY, Chee Meng, et al.
Published: (2014)

An extended study on addressing defender teamwork while accounting for uncertainty in attacker defender games using iterative Dec-MDPs
by: SHIEH, Eric, et al.
Published: (2016)

Mitigating Access-Driven Timing Channels in Clouds using StopWatch
by: LI, Peng, et al.
Published: (2013)

Stack Layout Randomization with Minimal Rewriting of Android Binaries
by: Liang, Yu, et al.
Published: (2015)

When function signature recovery meets compiler optimization
by: LIN, Yan, et al.
Published: (2021)

Revisiting Address Space Randomization
by: WANG, Zhi, et al.
Published: (2010)

Virtualization-based System Hardening against Untrusted Kernels
by: CHENG, Yueqiang
Published: (2014)

THE DESIGN AND ANALYSIS OF HEAP ALGORITHMS
by: KHOONG CHAN MENG
Published: (2020)

Automatically Adapting a Trained Anomaly Detector to Software Patches
by: LI, Peng, et al.
Published: (2009)

On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
by: HAN, Jin, et al.
Published: (2009)

On Gray-Box Program Tracking for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Gray-Box Extraction of Execution Graphs for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Behavioral Distance for Intrusion Detection
by: GAO, Debin, et al.
Published: (2005)

Binhunt: Automatically Finding Semantic Differences in Binary Programs
by: GAO, Debin, et al.
Published: (2008)

On-demand time blurring to support side-channel defense
by: LIU, Weijie, et al.
Published: (2017)

Defending on-line web application security with user-behavior surveillance
by: Cheng Y.-C., et al.
Published: (2018)

API recognition and linking in stack overflow
by: Foo, Chee Yong
Published: (2016)

Constructing a Virtual Primary Key for Fingerprinting Relational Data
by: LI, Yingjiu, et al.
Published: (2003)

Finding the same source programs based on the structural fingerprint distance of call graph
by: YIN, Zhiyi, et al.
Published: (2009)

Heap Taichi: Exploiting memory allocation granularity in heap-spraying attacks
by: Ding, Y., et al.
Published: (2013)

A Multi-User Steganographic File System on Untrusted Shared Storage
by: HAN, Jin, et al.
Published: (2010)

Peep with a mirror: Breaking the integrity of Android app sandboxing via unprivileged cache side channel
by: LIN, Yan, et al.
Published: (2024)