{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T12:34:16Z","timestamp":1725798856370},"publisher-location":"Cham","reference-count":47,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319113784"},{"type":"electronic","value":"9783319113791"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-11379-1_4","type":"book-chapter","created":{"date-parts":[[2014,8,20]],"date-time":"2014-08-20T03:14:54Z","timestamp":1408504494000},"page":"68-87","source":"Crossref","is-referenced-by-count":2,"title":["Dynamic Reconstruction of Relocation Information for Stripped Binaries"],"prefix":"10.1007","author":[{"given":"Vasilis","family":"Pappas","sequence":"first","affiliation":[]},{"given":"Michalis","family":"Polychronakis","sequence":"additional","affiliation":[]},{"given":"Angelos D.","family":"Keromytis","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"4_CR1","unstructured":"ATMs Face Deadline to Upgrade From Windows XP, \n \n http:\/\/www.businessweek.com\/articles\/2014-01-16\/atms-face-deadline-to-upgrade-from-windows-xp"},{"key":"4_CR2","unstructured":"\/ORDER (put functions in order), \n \n http:\/\/msdn.microsoft.com\/en-us\/library\/00kh39zz.aspx"},{"key":"4_CR3","unstructured":"Profile-guided optimizations, \n \n http:\/\/msdn.microsoft.com\/en-us\/library\/e7k32f4k.aspx"},{"key":"4_CR4","unstructured":"SPEC CPU2006 Benchmark, \n \n http:\/\/www.spec.org\/cpu2006\n \n \n ."},{"key":"4_CR5","unstructured":"Syzygy - profile guided, post-link executable reordering, \n \n http:\/\/code.google.com\/p\/sawbuck\/wiki\/SyzygyDesign"},{"key":"4_CR6","unstructured":"UK government pays Microsoft 5.5m to extend Windows XP support, \n \n http:\/\/www.theguardian.com\/technology\/2014\/apr\/07\/uk-government-microsoft-windows-xp-public-sector"},{"key":"4_CR7","unstructured":"Windows, X.P.: SP3 and Office, Support Ends (April 8, 2003), \n \n http:\/\/www.microsoft.com\/en-us\/windows\/enterprise\/endofsupport.aspx"},{"key":"4_CR8","unstructured":"MWR Labs Pwn2Own 2013 Write-up - Webkit Exploit (2013), \n \n http:\/\/labs.mwrinfosecurity.com\/blog\/2013\/04\/19\/mwr-labs-pwn2own-2013-write-up---webkit-exploit\/"},{"key":"4_CR9","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, \u00da., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"4_CR10","unstructured":"Bennett, J., Lin, Y., Haq, T.: The Number of the Beast (2013), \n \n http:\/\/blog.fireeye.com\/research\/2013\/02\/the-number-of-the-beast.html"},{"key":"4_CR11","unstructured":"Bhatkar, E., Duvarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium (2003)"},{"key":"4_CR12","unstructured":"Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: Proceedings of the 14th USENIX Security Symposium (August 2005)"},{"key":"4_CR13","doi-asserted-by":"publisher","first-page":"565","DOI":"10.1016\/0167-4048(93)90054-9","volume":"12","author":"F.B. Cohen","year":"1993","unstructured":"Cohen, F.B.: Operating system protection through program evolution. Computers and Security\u00a012, 565\u2013584 (1993)","journal-title":"Computers and Security"},{"key":"4_CR14","first-page":"255","volume-title":"Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI 2008","author":"A. Cozzie","year":"2008","unstructured":"Cozzie, A., Stratton, F., Xue, H., King, S.T.: Digging for data structures. In: Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI 2008, pp. 255\u2013266. USENIX Association, Berkeley (2008)"},{"key":"4_CR15","unstructured":"Designer, S.: Getting around non-executable stack (and fix), \n \n http:\/\/seclists.org\/bugtraq\/1997\/Aug\/63"},{"key":"4_CR16","unstructured":"Forrest, S., Somayaji, A., Ackley, D.: Building diverse computer systems. In: Proceedings of the 6th Workshop on Hot Topics in Operating Systems, HotOS-VI (1997)"},{"key":"4_CR17","doi-asserted-by":"crossref","unstructured":"Roglia, G.F., Martignoni, L., Paleari, R., Bruschi, D.: Surgically returning to randomized lib(c). In: Proceedings of the 25th Annual Computer Security Applications Conference, ACSAC (2009)","DOI":"10.1109\/ACSAC.2009.16"},{"key":"4_CR18","doi-asserted-by":"crossref","unstructured":"Guo, P.J., Perkins, J.H., McCamant, S., Ernst, M.D.: Dynamic inference of abstract types. In: Proceedings of the 2006 International Symposium on Software Testing and Analysis (ISSTA), Portland, ME, USA, July18-20, pp. 255\u2013265 (2006)","DOI":"10.1145\/1146238.1146268"},{"key":"4_CR19","doi-asserted-by":"crossref","unstructured":"Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., Davidson, J.W.: ILR: Where\u2019d my gadgets go? In: Proceedings of the 33rd IEEE Symposium on Security & Privacy, S&P (2012)","DOI":"10.1109\/SP.2012.39"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Hund, R., Willems, C., Holz, T.: Practical timing side channel attacks against kernel space ASLR. In: Proceedings of the 34th IEEE Symposium on Security & Privacy, S&P (2013)","DOI":"10.1109\/SP.2013.23"},{"key":"4_CR21","unstructured":"Johnson, R.: A castle made of sand: Adobe Reader X sandbox. CanSecWest (2011)"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Kil, C., Jun, J., Bookholt, C., Xu, J., Ning, P.: Address space layout permutation (ASLP): Towards fine-grained randomization of commodity software. In: Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC (2006)","DOI":"10.1109\/ACSAC.2006.9"},{"key":"4_CR23","unstructured":"Li, H.: Understanding and exploiting Flash ActionScript vulnerabilities. CanSecWest (2011)"},{"key":"4_CR24","unstructured":"Lin, Z., Zhang, X., Xu, D.: Automatic reverse engineering of data structures from binary execution. In: Proceedings of the 17th Annual Network and Distributed System Security Symposium (NDSS 2010), San Diego, CA (February 2010)"},{"key":"4_CR25","unstructured":"Microsoft. Enhanced Mitigation Experience Toolkit, \n \n http:\/\/www.microsoft.com\/emet"},{"key":"4_CR26","unstructured":"Microsoft. Windows Debugging API, \n \n http:\/\/msdn.microsoft.com\/en-us\/library\/windows\/desktop\/ms679303v=vs.85.aspx"},{"key":"4_CR27","unstructured":"Miller, M., Burrell, T., Howard, M.: Mitigating software vulnerabilities (July 2011), \n \n http:\/\/www.microsoft.com\/download\/en\/details.aspx?displaylang=en&id=26788"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.D.: Smashing the gadgets: Hindering return-oriented programming using in-place code randomization. In: Proceedings of the 33rd IEEE Symposium on Security & Privacy, S&P (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"4_CR29","unstructured":"PaX Team. Address space layout randomization (2003), \n \n http:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"4_CR30","unstructured":"PaX Team. Non-executable pages design & implementation (2003), \n \n http:\/\/pax.grsecurity.net\/docs\/noexec.txt"},{"key":"4_CR31","unstructured":"PaX Team. Non-relocatable executable file randomization (2003), \n \n http:\/\/pax.grsecurity.net\/docs\/randexec.txt"},{"key":"4_CR32","unstructured":"Pietrek, M.: An in-depth look into the Win32 portable executable file format, part 2, \n \n http:\/\/msdn.microsoft.com\/en-us\/magazine\/cc301808.aspx"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Ramalingam, G., Field, J., Tip, F.: Aggregate structure identification and its application to program analysis. In: Symposium on Principles of Programming Languages (POPL), pp. 119\u2013132 (1999)","DOI":"10.1145\/292540.292553"},{"key":"4_CR34","unstructured":"Rescorla, E.: Security holes.. Who cares? In: Proceedings of the 12th USENIX Security Symposium, pp. 75\u201390 (August 2003)"},{"key":"4_CR35","unstructured":"Serna, F.J.: CVE-2012-0769, the case of the perfect info leak (February 2012), \n \n http:\/\/zhodiac.hispahack.com\/my-stuff\/security\/Flash_ASLR_bypass.pdf"},{"key":"4_CR36","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS (2004)","DOI":"10.1145\/1030083.1030124"},{"key":"4_CR38","unstructured":"Skape.: Locreate: An anagram for relocate. Uninformed, 6 (2007)"},{"key":"4_CR39","doi-asserted-by":"crossref","unstructured":"Slowinska, A., Stancescu, T., Bos, H.: Dde: Dynamic data structure excavation. In: Proceedings of the 1st ACM SIGCOMM Asia-Pacific Workshop on Systems (ApSys), pp. 13\u201318 (2010)","DOI":"10.1145\/1851276.1851280"},{"key":"4_CR40","unstructured":"Slowinska, A., Stancescu, T., Bos, H.: Howard: A dynamic excavator for reverse engineering data structures. In: Proceedings of the Network and Distributed System Security Symposium, NDSS (2011)"},{"key":"4_CR41","unstructured":"Smithson, M., Anand, K., Kotha, A., Elwazeer, K., Giles, N., Barua, R.: Binary rewriting without relocation information. University of Maryland, Tech. Rep. (2010)"},{"key":"4_CR42","doi-asserted-by":"crossref","unstructured":"Snow, K.Z., Davi, L., Dmitrienko, A., Liebchen, C., Monrose, F., Sadeghi, A.-R.: Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization. In: Proceedings of the 34th IEEE Symposium on Security & Privacy, S&P (2013)","DOI":"10.1109\/SP.2013.45"},{"key":"4_CR43","unstructured":"Vreugdenhil, P.: Pwn2Own (2010), Windows 7 Internet Explorer 8 exploit, \n \n http:\/\/vreugdenhilresearch.nl\/Pwn2Own-2010-Windows7-InternetExplorer8.pdf"},{"key":"4_CR44","doi-asserted-by":"crossref","unstructured":"Wartell, R., Mohan, V., Hamlen, K.W., Lin, Z.: Binary stirring: Self-randomizing instruction addresses of legacy x86 binary code. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), pp. 157\u2013168 (October 2012)","DOI":"10.1145\/2382196.2382216"},{"key":"4_CR45","unstructured":"Zhang, C., Wei, T., Chen, Z., Duan, L., Szekeres, L., McCamant, S., Song, D., Zou, W.: Practical control flow integrity & randomization for binary executables. In: Proceedings of the 34th IEEE Symposium on Security & Privacy, S&P (2013)"},{"key":"4_CR46","unstructured":"Zhang, M., Sekar, R.: Control flow integrity for cots binaries. Presented as part of the 22nd USENIX Security Symposium, pp. 337\u2013352. USENIX, Berkeley (2013)"},{"key":"4_CR47","unstructured":"Zovi, D.A.D.: Practical return-oriented programming. SOURCE Boston (2010)"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-11379-1_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,27]],"date-time":"2019-05-27T16:51:37Z","timestamp":1558975897000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-11379-1_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319113784","9783319113791"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-11379-1_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}