乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T17:50:07Z","timestamp":1729619407288,"version":"3.28.0"},"reference-count":69,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014,5]]},"DOI":"10.1109\/sp.2014.25","type":"proceedings-article","created":{"date-parts":[[2014,11,26]],"date-time":"2014-11-26T14:57:47Z","timestamp":1417013867000},"page":"276-291","source":"Crossref","is-referenced-by-count":205,"title":["SoK: Automated Software Diversity"],"prefix":"10.1109","author":[{"given":"Per","family":"Larsen","sequence":"first","affiliation":[]},{"given":"Andrei","family":"Homescu","sequence":"additional","affiliation":[]},{"given":"Stefan","family":"Brunthaler","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Franz","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"35","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1007\/978-1-4614-0977-9_4","article-title":"Compiler-generated software diversity","author":"jackson","year":"2011","journal-title":"Moving Target Defense Volume 54 of Advances in Information Security"},{"key":"36","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89598-5_7"},{"key":"33","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/23.3.223"},{"key":"34","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-5416-8_8"},{"journal-title":"X86-64 Buffer Overflow Exploits and the Borrowed Code Chunks Exploitation Techniques","year":"2005","author":"krahmer","key":"39"},{"key":"37","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948146"},{"key":"38","first-page":"339","article-title":"Address space layout permutation (ASLP): Towards fine-grained randomization of commodity software","author":"kil","year":"2006","journal-title":"Proceedings of the 22nd Annual Computer Security Applications Conference ACSAC '06"},{"key":"43","first-page":"209","article-title":"Evaluating SFI for a CISC architecture","author":"mccamant","year":"2006","journal-title":"Security '06 15th USENIX Security Symposium"},{"key":"42","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065034"},{"key":"41","doi-asserted-by":"publisher","DOI":"10.1145\/948148.948149"},{"key":"40","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2013.129"},{"key":"67","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2009.18"},{"key":"66","first-page":"323","article-title":"INSeRT: Protect dynamic code generation against spraying","author":"wei","year":"2011","journal-title":"Proceedings of the 2011 International Conference on Information Science and Technology ICIST '11"},{"key":"69","first-page":"337","article-title":"Control flow integrity for COTS binaries","author":"zhang","year":"2013","journal-title":"Proceedings of the 20th USENIX Security Symposium SEC '11"},{"key":"68","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00730-9_10"},{"key":"23","doi-asserted-by":"crossref","first-page":"187","DOI":"10.1007\/978-3-540-30191-2_15","article-title":"Hydan: Hiding information in program binaries","author":"el-khalil","year":"2004","journal-title":"Proceedings of the 6th International Conference on Information and Communications Security ICICS '04"},{"key":"24","doi-asserted-by":"publisher","DOI":"10.1109\/HOTOS.1997.595185"},{"key":"25","doi-asserted-by":"publisher","DOI":"10.1145\/1900546.1900550"},{"key":"26","article-title":"Cyber insecurity: The cost of monopoly - How the dominance of Microsoft's products poses a risk to security","author":"geer","year":"2003","journal-title":"Computer and Communications Industry Association"},{"key":"27","first-page":"475","article-title":"Enhanced operating system security through efficient and fine-grained address space randomization","author":"giuffrida","year":"2012","journal-title":"Proceedings of the 21st USENIX Security Symposium SEC '12"},{"key":"28","first-page":"293","article-title":"Marlin: A fine grained randomization approach to defend against ROP attacks","author":"gupta","year":"2013","journal-title":"Network and System Security Volume 7873 of Lecture Notes in Computer Science"},{"key":"29","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.39"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1145\/2465351.2465380"},{"key":"2","article-title":"Smashing the stack for fun and profit","volume":"7","author":"one","year":"1996","journal-title":"Phrack Magazine"},{"key":"1","doi-asserted-by":"crossref","first-page":"340","DOI":"10.1145\/1102120.1102165","article-title":"Control-flow integrity","author":"abadi","year":"2005","journal-title":"Proceedings of the 12th ACM Conference on Computer and Communications Security CCS '05"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_1"},{"key":"30","first-page":"993","article-title":"Librando: Transparent code randomization for just-in-time compilers","author":"homescu","year":"2013","journal-title":"Proceedings of the 20th ACM Conference on Computer and Communications Security CCS'13"},{"key":"6","first-page":"105","article-title":"Address obfuscation: An efficient approach to combat a broad range of memory error exploits","author":"bhatkar","year":"2003","journal-title":"Proceedings of the 12th USENIX Security Symposium SEC '03"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1145\/1053283.1053286"},{"key":"32","first-page":"64","article-title":"Microgadgets: Size does matter in Turing-complete return-oriented programming","author":"homescu","year":"2012","journal-title":"Proceedings of the 6th USENIX Workshop on Offensive Technologies WOOT '12"},{"key":"4","first-page":"149","article-title":"On the implementation of N-version programming for software fault tolerance during execution","author":"avizienis","year":"1977","journal-title":"Proceedings of the International Computer Software and Applications Conference"},{"key":"31","first-page":"1","article-title":"Profile-guided automatic software diversity","author":"homescu","year":"2013","journal-title":"Proceedings of the 9th IEEE\/ACM International Symposium on Code Generation and Optimization CGO '11"},{"key":"9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.22"},{"key":"8","first-page":"271","article-title":"Efficient techniques for comprehensive protection from memory error exploits","author":"bhatkar","year":"2005","journal-title":"Proceedings of the 14th USENIX Security Symposium SEC '05"},{"key":"59","doi-asserted-by":"crossref","first-page":"309","DOI":"10.1145\/2420950.2420996","article-title":"Code shredding: Byte-granular randomization of program layout for detecting codereuse attacks","author":"shioji","year":"2012","journal-title":"Proceedings of the 28th Annual Computer Security Applications Conference ACSAC '12"},{"key":"58","doi-asserted-by":"crossref","first-page":"298","DOI":"10.1145\/1030083.1030124","article-title":"On the effectiveness of address-space randomization","author":"shacham","year":"2004","journal-title":"Proceedings of the 11th ACM Conference on Computer and Communications Security CCS '04"},{"key":"57","doi-asserted-by":"crossref","first-page":"552","DOI":"10.1145\/1315245.1315313","article-title":"The geometry of innocent flesh on the bone: Return-intolibc without function calls (on the x86)","author":"shacham","year":"2007","journal-title":"Proceedings of the 14th ACM conference on Computer and communications security CCS '07"},{"key":"56","article-title":"The info leak era on software exploitation","author":"serna","year":"2012","journal-title":"Black Hat USA"},{"key":"19","first-page":"63","article-title":"StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks","author":"cowan","year":"1998","journal-title":"Proceedings of the 7th USENIX Security Symposium SEC '98"},{"key":"55","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2003.1191531"},{"key":"17","article-title":"Feedback-driven binary code diversification","volume":"9","author":"coppens","year":"2013","journal-title":"Transactions on Architecture and Code Optimization"},{"key":"18","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.113"},{"key":"15","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420997"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1145\/268946.268962"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(93)90054-9"},{"key":"14","article-title":"A taxonomy of obfuscating transformations","author":"collberg","year":"1997","journal-title":"Technical Report 148 Department of Computer Science"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/FTCSH.1995.532621"},{"key":"12","article-title":"Mitigating buffer overflows by operating system randomization","author":"chew","year":"2002","journal-title":"Technical Report CMU-CS-02-197 Department of Computer Science"},{"key":"21","doi-asserted-by":"crossref","first-page":"299","DOI":"10.1145\/2484313.2484351","article-title":"Gadge me if you can: Secure and efficient ad-hoc instruction-level randomization for x86 and ARM","author":"davi","year":"2013","journal-title":"Proceedings of the 8th ACM Symposium on Information Computer and Communications Security ASIACCS '13"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1145\/2535813.2535824"},{"key":"64","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382216"},{"key":"65","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420995"},{"journal-title":"Engineering a Compiler","year":"2011","author":"torczon","key":"62"},{"key":"63","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1007\/978-3-642-23644-0_7","article-title":"On the expressiveness of return-into-libc attacks","author":"tran","year":"2011","journal-title":"Proceedings of the 14th Interntional Symposium on Recent Advances in Intrusion Detection RAID '11"},{"key":"60","first-page":"574","article-title":"Just-in-time code reuse: On the effectiveness of finegrained address space layout randomization","author":"snow","year":"2013","journal-title":"Proceedings of the 34th IEEE Symposium on Security and Privacy S&P '13"},{"key":"61","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"49","article-title":"Too much PIE is bad for performance","author":"payer","year":"2012","journal-title":"Technical Report"},{"journal-title":"Homepage of the PaX Team","year":"2001","author":"pa","key":"48"},{"key":"45","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"44","article-title":"The advanced return-into-lib(c) exploits: PaX case study","volume":"11","year":"2001","journal-title":"Phrack Magazine"},{"key":"47","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.41"},{"key":"46","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866371"},{"key":"10","article-title":"Interpreter exploitation","author":"blazakis","year":"2010","journal-title":"Proc 4th USENIX Workshop on Offensive Technologies"},{"key":"51","doi-asserted-by":"crossref","first-page":"701","DOI":"10.3233\/JCS-2009-0379","article-title":"Independence from obfuscation: A semantic framework for diversity","volume":"18","author":"pucella","year":"2010","journal-title":"Journal of Computer Security"},{"key":"52","doi-asserted-by":"publisher","DOI":"10.1145\/390016.808467"},{"journal-title":"ROPgadget Tool","year":"2012","author":"salwan","key":"53"},{"key":"54","article-title":"Q: Exploit hardening made easy","author":"schwartz","year":"2011","journal-title":"Proceedings of the 20th USENIX Security Symposium SEC '11"},{"key":"50","doi-asserted-by":"publisher","DOI":"10.1145\/93542.93550"}],"event":{"name":"2014 IEEE Symposium on Security and Privacy (SP)","start":{"date-parts":[[2014,5,18]]},"location":"San Jose, CA","end":{"date-parts":[[2014,5,21]]}},"container-title":["2014 IEEE Symposium on Security and Privacy"],"original-title":[],"link":[{"URL":"http:\/\/ieeexplore.ieee.org\/iel7\/6954656\/6956545\/06956570.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6954656\/6956545\/06956570.pdf?arnumber=6956570","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,30]],"date-time":"2023-07-30T08:29:49Z","timestamp":1690705789000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6956570\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,5]]},"references-count":69,"URL":"https:\/\/doi.org\/10.1109\/sp.2014.25","relation":{},"subject":[],"published":{"date-parts":[[2014,5]]}}}