The Continuing Arms Race

Code-Reuse Attacks and Defenses

Nonfiction, Computers, Programming, Software Development, Operating Systems
Cover of the book The Continuing Arms Race by , Association for Computing Machinery and Morgan & Claypool Publishers
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: ISBN: 9781970001822
Publisher: Association for Computing Machinery and Morgan & Claypool Publishers Publication: February 23, 2018
Imprint: ACM Books Language: English
Author:
ISBN: 9781970001822
Publisher: Association for Computing Machinery and Morgan & Claypool Publishers
Publication: February 23, 2018
Imprint: ACM Books
Language: English

As human activities moved to the digital domain, so did all the well-known malicious behaviors including fraud, theft, and other trickery. There is no silver bullet, and each security threat calls for a specific answer. One specific threat is that applications accept malformed inputs, and in many cases it is possible to craft inputs that let an intruder take full control over the target computer system.

The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs.

The solutions explored include enforcement-type defenses, which excludes certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

As human activities moved to the digital domain, so did all the well-known malicious behaviors including fraud, theft, and other trickery. There is no silver bullet, and each security threat calls for a specific answer. One specific threat is that applications accept malformed inputs, and in many cases it is possible to craft inputs that let an intruder take full control over the target computer system.

The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs.

The solutions explored include enforcement-type defenses, which excludes certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.

More books from Association for Computing Machinery and Morgan & Claypool Publishers

Cover of the book Communities of Computing by
Cover of the book Computational Prediction of Protein Complexes from Protein Interaction Networks by
Cover of the book The VR Book by
Cover of the book Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers by
Cover of the book Edmund Berkeley and the Social Responsibility of Computer Professionals by
Cover of the book Text Data Management and Analysis by
Cover of the book Shared-Memory Parallelism Can be Simple, Fast, and Scalable by
Cover of the book Frontiers of Multimedia Research by
Cover of the book The Sparse Fourier Transform by
Cover of the book Declarative Logic Programming by
Cover of the book The Handbook of Multimodal-Multisensor Interfaces, Volume 2 by
Cover of the book A Framework for Scientific Discovery through Video Games by
Cover of the book Reactive Internet Programming by
Cover of the book An Architecture for Fast and General Data Processing on Large Clusters by
Cover of the book Candidate Multilinear Maps by
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy