{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T08:21:47Z","timestamp":1726042907856},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030307189"},{"type":"electronic","value":"9783030307196"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-30719-6_7","type":"book-chapter","created":{"date-parts":[[2019,8,31]],"date-time":"2019-08-31T02:27:36Z","timestamp":1567218456000},"page":"129-155","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["MTD Techniques for Memory Protection Against Zero-Day Attacks"],"prefix":"10.1007","author":[{"given":"Ping","family":"Chen","sequence":"first","affiliation":[]},{"given":"Zhisheng","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Jun","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Minghui","family":"Zhu","sequence":"additional","affiliation":[]},{"given":"Rob","family":"Erbacher","sequence":"additional","affiliation":[]},{"given":"Sushil","family":"Jajodia","sequence":"additional","affiliation":[]},{"given":"Peng","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,8,31]]},"reference":[{"key":"7_CR1","unstructured":"Arrays of length of zero. \n                    http:\/\/gcc.gnu.org\/onlinedocs\/gcc\/Zero-length.html"},{"key":"7_CR2","unstructured":"Openssh benchmark. \n                    http:\/\/blog.famzah.net\/2010\/06\/11\/openssh-ciphers-performance-benchmark\/"},{"key":"7_CR3","unstructured":"SPEC CPU benchmark suite (2000). \n                    http:\/\/www.spec.org\/cpu2000\/"},{"key":"7_CR4","unstructured":"Gimple (2015). \n                    https:\/\/gcc.gnu.org\/onlinedocs\/gccint\/GIMPLE.html"},{"key":"7_CR5","unstructured":"Backes, M., N\u00fcrnberger, S.: Oxymoron: making fine-grained memory randomization practical by allowing code sharing. In: USENIX Security Symposium (Security 2014) (2014)"},{"key":"7_CR6","unstructured":"Bhatkar, S., Duvarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: USENIX Security Symposium (Security 2003) (2003)"},{"key":"7_CR7","unstructured":"Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: USENIX Security Symposium (Security 2005) (2005)"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Bigelow, D., Hobson, T., Rudd, R., Streilein, W., Okhravi, H.: Timely rerandomization for mitigating memory disclosures. In: Proceedings of the 22nd Conference on Computer and Communications Security (CCS 2015) (2015)","DOI":"10.1145\/2810103.2813691"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Bittau, A., Belay, A., Mashtizadeh, A., Mazieres, D., Boneh, D.: Hacking blind. In: 2014 IEEE Symposium on Security and Privacy, Oakland (2014)","DOI":"10.1109\/SP.2014.22"},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Bletsch, T., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: a new class of code-reuse attack. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011) (2011)","DOI":"10.1145\/1966913.1966919"},{"key":"7_CR11","unstructured":"Castro, M., Costa, M., Harris, T.: Securing software by enforcing data-flow integrity. In: Proceedings of the 7th Symposium on Operating Systems Design and Implementation (OSDI 2006) (2006)"},{"key":"7_CR12","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: ACM Conference on Computer and Communications Security (CCS 2010) (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"7_CR13","doi-asserted-by":"crossref","unstructured":"Chen, H., Mao, Y., Wang, X., Zhou, D., Zeldovich, N., Kaashoek, M.F.: Linux kernel vulnerabilities: state-of-the-art defenses and open problems. In: Proceedings of the Second Asia-Pacific Workshop on Systems (2011)","DOI":"10.1145\/2103799.2103805"},{"key":"7_CR14","doi-asserted-by":"crossref","unstructured":"Chen, P., et al.: What you see is not what you get! thwarting just-in-time ROP with chameleon. In: 2017 47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 451\u2013462. IEEE (2017)","DOI":"10.1109\/DSN.2017.47"},{"key":"7_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-319-24174-6_4","volume-title":"Computer Security \u2013 ESORICS 2015","author":"P Chen","year":"2015","unstructured":"Chen, P., Xu, J., Lin, Z., Xu, D., Mao, B., Liu, P.: A practical approach for adaptive data structure layout randomization. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 69\u201389. Springer, Cham (2015). \n                    https:\/\/doi.org\/10.1007\/978-3-319-24174-6_4"},{"key":"7_CR16","unstructured":"Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control-data attacks are realistic threats. In: Proceedings of the 14th Conference on USENIX Security Symposium (Security 2005), vol. 5 (2005)"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"Chen, Y., Wang, Z., Whalley, D., Lu, L.: Remix: on-demand live randomization. In: Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016) (2016)","DOI":"10.1145\/2857705.2857726"},{"key":"7_CR18","doi-asserted-by":"crossref","unstructured":"Crane, S.: Readactor: practical code randomization resilient to memory disclosure. In: 2015 Symposium on Security and Privacy, Oakland (2015)","DOI":"10.1109\/SP.2015.52"},{"key":"7_CR19","unstructured":"CVE-2001-0144. SSH CRC-32 compensation attack detector (2001). \n                    http:\/\/www.securityfocus.com\/bid\/2347\/discuss"},{"key":"7_CR20","unstructured":"CVE-2002-0656. Apache openSSL heap overflow exploit (2002). \n                    http:\/\/www.phreedom.org\/research\/exploits\/apache-openssl\/"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Davi, L., Liebchen, C., Sadeghi, A.-R., Snow, K.Z., Monrose, F.: Isomeron: code randomization resilient to (just-in-time) return-oriented programming. In: Network and Distributed System Security Symposium (NDSS 2015) (2015)","DOI":"10.14722\/ndss.2015.23262"},{"key":"7_CR22","unstructured":"Dyninst. Dyninst programmer\u2019s guide (2013). \n                    www.dyninst.org\/sites\/default\/files\/manuals\/dyninst\/DyninstAPI.pdf"},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Gionta, J., Enck, W., Ning, P.: HideM: protecting the contents of userspace memory in the face of disclosure vulnerabilities. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (CODASPY 2015) (2015)","DOI":"10.1145\/2699026.2699107"},{"key":"7_CR24","unstructured":"Giuffrida, C., Kuijsten, A., Tanenbaum, A.S.: Enhanced operating system security through efficient and fine-grained address space randomization. In: USENIX Conference on Security Symposium (Security 2012) (2012)"},{"key":"7_CR25","doi-asserted-by":"crossref","unstructured":"G\u00f6ktas, E., Athanasopoulos, E., Bos, H., Portokalidis, G.: Out of control: overcoming control-flow integrity. In: 2014 IEEE Symposium on Security and Privacy, Oakland (2014)","DOI":"10.1109\/SP.2014.43"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., Davidson, J.W.: ILR: where\u2019d my gadgets go? In: 2012 IEEE Symposium on Security and Privacy, Oakland (2012)","DOI":"10.1109\/SP.2012.39"},{"key":"7_CR27","unstructured":"Hu, H., Chua, Z.L., Adrian, S., Saxena, P., Liang, Z.: Automatic generation of data-oriented exploits. In: Proceedings of the 24th USENIX Security Symposium (Security 2015) (2015)"},{"key":"7_CR28","doi-asserted-by":"crossref","unstructured":"Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 969\u2013986. IEEE (2016)","DOI":"10.1109\/SP.2016.62"},{"key":"7_CR29","doi-asserted-by":"crossref","unstructured":"Kil, C., Jum, J., Bookholt, C., Xu, J., Ning, P.: Address space layout permutation (ASLP): towards fine-grained randomization of commodity software. In: Annual Computer Security Applications Conference (ACSAC 2006) (2006)","DOI":"10.1109\/ACSAC.2006.9"},{"key":"7_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-642-02918-9_7","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"Z Lin","year":"2009","unstructured":"Lin, Z., Riley, R.D., Xu, D.: Polymorphing software by randomizing data structure layout. In: Flegel, U., Bruschi, D. (eds.) DIMVA 2009. LNCS, vol. 5587, pp. 107\u2013126. Springer, Heidelberg (2009). \n                    https:\/\/doi.org\/10.1007\/978-3-642-02918-9_7"},{"key":"7_CR31","doi-asserted-by":"crossref","unstructured":"Lu, K., Nurnberger, S., Backes, M., Lee, W.: How to make ASLR win the clone wars: runtime re-randomization. In: Proceedings of the 22nd Annual Network and Distributed System Security Symposium (NDSS 2016) (2016)","DOI":"10.14722\/ndss.2016.23173"},{"key":"7_CR32","unstructured":"Microsoft. A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2 (2008). \n                    http:\/\/support.microsoft.com\/kb\/875352"},{"key":"7_CR33","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the gadgets: hindering return-oriented programming using in-place code randomization. In: 2012 IEEE Symposium on Security and Privacy, Oakland (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"7_CR34","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: Q: exploit hardening made easy. In: USENIX Conference on Security (Security 2011) (2011)"},{"key":"7_CR35","doi-asserted-by":"crossref","unstructured":"Seibert, J., Okhravi, H., S\u00f6derstr\u00f6m, E.: Information leaks without memory disclosures: remote side channel attacks on diversified code. In: ACM SIGSAC Conference on Computer and Communications Security (CCS 2014) (2014)","DOI":"10.1145\/2660267.2660309"},{"key":"7_CR36","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: ACM Conference on Computer and Communications Security (CCS 2007) (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"7_CR37","doi-asserted-by":"crossref","unstructured":"Snow, K.Z., Monrose, F., Davi, L., Dmitrienko, A., Liebchen, C., Sadeghi, A.-R.: Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization. In: 2013 IEEE Symposium on Security and Privacy, Oakland (2013)","DOI":"10.1109\/SP.2013.45"},{"key":"7_CR38","doi-asserted-by":"crossref","unstructured":"Song, C., Lee, B., Lu, K., Harris, W.R., Kim, T., Lee, W.: Enforcing kernel security invariants with data flow integrity. In: Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS 2016) (2016)","DOI":"10.14722\/ndss.2016.23218"},{"key":"7_CR39","doi-asserted-by":"crossref","unstructured":"Stanley, D.M., Xu, D., Spafford, E.H.: Improved kernel security through memory layout randomization. In: International Performance Computing and Communications Conference (IPCCC 2013) (2013)","DOI":"10.1109\/PCCC.2013.6742768"},{"key":"7_CR40","doi-asserted-by":"crossref","unstructured":"Strackx, R., et al.: Breaking the memory secrecy assumption. In: Second European Workshop on System Security (2009)","DOI":"10.1145\/1519144.1519145"},{"key":"7_CR41","doi-asserted-by":"crossref","unstructured":"Tang, A., Sethumadhavan, S., Stolfo, S.: Heisenbyte: thwarting memory disclosure attacks using destructive code reads. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security (CCS 2015) (2015)","DOI":"10.1145\/2810103.2813685"},{"key":"7_CR42","unstructured":"PaX Team. PaX address space layout randomization (ASLR) (2003). \n                    http:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"7_CR43","unstructured":"PaX Team. PaX non-executable pages design & implementation (2003). \n                    http:\/\/pax.grsecurity.net\/docs\/noexec.txt"},{"key":"7_CR44","doi-asserted-by":"crossref","unstructured":"Wartell, R., Mohan, V., Hamlen, K., Lin, Z.: Binary stirring: self-randomizing instruction addresses of legacy x86 binary code. In: ACM Conference on Computer and Communications Security (CCS 2012) (2012)","DOI":"10.1145\/2382196.2382216"},{"key":"7_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-642-18178-8_16","volume-title":"Information Security","author":"Z Xin","year":"2011","unstructured":"Xin, Z., Chen, H., Han, H., Mao, B., Xie, L.: Misleading malware similarities analysis by automatic data structure obfuscation. In: Burmester, M., Tsudik, G., Magliveras, S., Ili\u0107, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 181\u2013195. Springer, Heidelberg (2011). \n                    https:\/\/doi.org\/10.1007\/978-3-642-18178-8_16"},{"key":"7_CR46","unstructured":"Xu, J., Kalbarczyk, Z., Iyer, R.K.: Transparent runtime randomization for security. In: International Symposium on Reliable Distributed Systems (SRDS 2003) (2003)"},{"key":"7_CR47","unstructured":"Zhang, M., Sekar, R.: Control flow integrity for COTS binaries. In: USENIX Conference on Security (Security 2013) (2013)"},{"key":"7_CR48","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: ACM Conference on Computer and Communications Security (CCS 2012) (2012)","DOI":"10.1145\/2382196.2382230"}],"container-title":["Lecture Notes in Computer Science","Adversarial and Uncertain Reasoning for Adaptive Cyber Defense"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-30719-6_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,31]],"date-time":"2019-08-31T02:36:04Z","timestamp":1567218964000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-30719-6_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030307189","9783030307196"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-30719-6_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"31 August 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}