8. Academic Papers
Here are the articles in this section:
8.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
8.2 Return-Oriented Programming without Returns
8.3 Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
8.4 ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks
8.5 Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks
8.7 What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses
8.9 Symbolic Execution for Software Testing: Three Decades Later
8.10 AEG: Automatic Exploit Generation
8.11 Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Softwa
8.13 New Frontiers of Reverse Engineering
8.14 Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries
8.21 Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks
8.22 Practical Memory Checking With Dr. Memory
8.23 Evaluating the Effectiveness of Current Anti-ROP Defenses
8.24 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
8.25 (State of) The Art of War: Offensive Techniques in Binary Analysis
8.26 Driller: Augmenting Fuzzing Through Selective Symbolic Execution
8.27 Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
8.28 Cross-Architecture Bug Search in Binary Executables
8.29 Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data
8.30 Preventing brute force attacks against stack canary protection on networking servers
8.33 Under-Constrained Symbolic Execution: Correctness Checking for Real Code
8.34 Enhancing Symbolic Execution with Veritesting
8.38 TaintEraser: Protecting Sensitive Data Leaks Using Application-Level Taint Tracking
8.39 DART: Directed Automated Random Testing
8.40 EXE: Automatically Generating Inputs of Death
8.41 IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time
8.42 Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits
8.43 DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation
8.44 Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics
8.45 Ramblr: Making Reassembly Great Again
8.46 FreeGuard: A Faster Secure Heap Allocator
8.48 Reassembleable Disassembling