Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
DIMVA
2008
2008
Data Space Randomization
Over the past several years, US-CERT advisories, as well as most critical updates from software vendors, have been due to memory corruption vulnerabilities such as buffer overflows, heap overflows, etc. Several techniques have been developed to defend against the exploitation of these vulnerabilities, with the most promising defenses being based on randomization. Two randomization techniques have been explored so far: address space randomization (ASR) that randomizes the location of objects in virtual memory, and instruction set randomization (ISR) that randomizes the representation of code. We explore a third form of randomization called data space randomization (DSR) that randomizes the representation of data stored in program memory. Unlike ISR, DSR is effective against non-control data attacks as well as code injection attacks. Unlike ASR, it can protect against corruption of nonpointer data as well as pointer-valued data. Moreover, DSR provides a much higher range of randomiza...
Real-time TrafficComputer Networks | DIMVA 2007 | DIMVA 2008 | Randomization | Randomization Called Data | Space Randomization |
Related Content
| Added | 09 Nov 2010 |
| Updated | 09 Nov 2010 |
| Type | Conference |
| Year | 2008 |
| Where | DIMVA |
| Authors | Sandeep Bhatkar, R. Sekar |
Comments (0)
Researcher Info
|
