Fedler et al., 2014 - Google Patents
ISA R: Improving Software Attack and Analysis Resilience via Compiler-Level Software Diversity
- Document ID
- 11158005057479772646
- Author
- Fedler R
- Banescu S
- Pretschner A
- Publication year
- Publication venue
- International Conference on Computer Safety, Reliability, and Security
Snippet
The current IT landscape is characterized by software monoculture: All installations of one program version are identical. This leads to a huge return of investment for attackers who can develop a single attack once to compromise millions of hosts worldwide. Software …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Liljestrand et al. | | PAC it up: Towards pointer integrity using ARM pointer authentication |
Borrello et al. | | Constantine: Automatic side-channel resistance using efficient control and data flow linearization |
Wu et al. | | Eliminating timing side-channel leaks using program repair |
Braden et al. | | Leakage-Resilient Layout Randomization for Mobile Devices. |
Van Bulck et al. | | Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic |
Shinde et al. | | Preventing page faults from telling your secrets |
Rajasekaran et al. | | CoDaRR: Continuous data space randomization against data-only attacks |
Van Cleemput et al. | | Adaptive compiler strategies for mitigating timing side channel attacks |
Chen et al. | | JITSafe: a framework against Just‐in‐time spraying attacks |
Ammanaghatta Shivakumar et al. | | Enforcing fine-grained constant-time policies |
You et al. | | Deoptfuscator: Defeating advanced control-flow obfuscation using android runtime (art) |
Schilling et al. | | FIPAC: Thwarting fault-and software-induced control-flow attacks with ARM pointer authentication |
Aweke et al. | | Øzone: Efficient execution with zero timing leakage for modern microarchitectures |
Wichelmann et al. | | MAMBO–V: Dynamic side-channel leakage analysis on RISC–V |
Wu et al. | | RIM: A method to defend from JIT spraying attack |
Zhu et al. | | Protection against indirect overflow attacks on pointers |
Pewny et al. | | Breaking and fixing destructive code read defenses |
Moghadam et al. | | Memory integrity techniques for memory-unsafe languages: A survey |
Lian et al. | | A Call to ARMs: Understanding the Costs and Benefits of JIT Spraying Mitigations. |
Geden et al. | | RegGuard: Leveraging CPU registers for mitigation of control-and data-oriented attacks |
Stolz et al. | | Recommendation for a holistic secure embedded ISA extension |
Mechelinck et al. | | Gluezilla: Efficient and scalable software to hardware binding using rowhammer |
Jiang et al. | | CipherGuard: Compiler-aided Mitigation against Ciphertext Side-channel Attacks |
Fedler et al. | | ISA R: Improving Software Attack and Analysis Resilience via Compiler-Level Software Diversity |
Shih | | Securing Intel SGX against side-channel attacks via load-time synthesis |