Sciweavers

ICISS
2010
Springer
13 years 1 months ago
ValueGuard: Protection of Native Applications against Data-Only Buffer Overflows
Abstract. Code injection attacks that target the control-data of an application have been prevalent amongst exploit writers for over 20 years. Today however, these attacks are gett...
Steven Van Acker, Nick Nikiforakis, Pieter Philipp...
DAC
2008
ACM
13 years 5 months ago
SHIELD: a software hardware design methodology for security and reliability of MPSoCs
Security of MPSoCs is an emerging area of concern in embedded systems. Security is jeopardized by code injection attacks, which are the most common types of software attacks. Prev...
Krutartha Patel, Sri Parameswaran
CCS
2008
ACM
13 years 5 months ago
Code injection attacks on harvard-architecture devices
Harvard architecture CPU design is common in the embedded world. Examples of Harvard-based architecture devices are the Mica family of wireless sensors. Mica motes have limited me...
Aurélien Francillon, Claude Castelluccia
CCS
2007
ACM
13 years 7 months ago
A framework for diversifying windows native APIs to tolerate code injection attacks
We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented i...
Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Francis...
RAID
2005
Springer
13 years 9 months ago
FLIPS: Hybrid Adaptive Intrusion Prevention
Intrusion detection systems are fundamentally passive and fail–open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intru...
Michael E. Locasto, Ke Wang, Angelos D. Keromytis,...
IWIA
2005
IEEE
13 years 9 months ago
A Methodology for Designing Countermeasures against Current and Future Code Injection Attacks
This paper proposes a methodology to develop countermeasures against code injection attacks, and validates the methodology by working out a specific countermeasure. This methodol...
Yves Younan, Wouter Joosen, Frank Piessens
ACSAC
2005
IEEE
13 years 9 months ago
A Framework for Detecting Network-based Code Injection Attacks Targeting Windows and UNIX
Code injection vulnerabilities continue to prevail. Attacks of this kind such as stack buffer overflows and heap buffer overflows account for roughly half of the vulnerabilities...
Stig Andersson, Andrew Clark, George M. Mohay, Bra...
SRDS
2007
IEEE
13 years 10 months ago
RandSys: Thwarting Code Injection Attacks with System Service Interface Randomization
Code injection attacks are a top threat to today’s Internet. With zero-day attacks on the rise, randomization techniques have been introduced to diversify software and operation...
Xuxian Jiang, Helen J. Wang, Dongyan Xu, Yi-Min Wa...
DSN
2007
IEEE
13 years 10 months ago
An Architectural Approach to Preventing Code Injection Attacks
Code injection attacks, despite being well researched, continue to be a problem today. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the a...
Ryan Riley, Xuxian Jiang, Dongyan Xu
CODES
2007
IEEE
13 years 10 months ago
Ensuring secure program execution in multiprocessor embedded systems: a case study
Multiprocessor SoCs are increasingly deployed in embedded systems with little or no security features built in. Code Injection attacks are one of the most commonly encountered sec...
Krutartha Patel, Sridevan Parameswaran, Seng Lin S...