{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T03:00:44Z","timestamp":1725850844183},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319308395"},{"type":"electronic","value":"9783319308401"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-30840-1_15","type":"book-chapter","created":{"date-parts":[[2016,3,9]],"date-time":"2016-03-09T09:15:22Z","timestamp":1457514922000},"page":"229-245","source":"Crossref","is-referenced-by-count":3,"title":["Stack Layout Randomization with Minimal Rewriting of Android Binaries"],"prefix":"10.1007","author":[{"given":"Yu","family":"Liang","sequence":"first","affiliation":[]},{"given":"Xinjie","family":"Ma","sequence":"additional","affiliation":[]},{"given":"Daoyuan","family":"Wu","sequence":"additional","affiliation":[]},{"given":"Xiaoxiao","family":"Tang","sequence":"additional","affiliation":[]},{"given":"Debin","family":"Gao","sequence":"additional","affiliation":[]},{"given":"Guojun","family":"Peng","sequence":"additional","affiliation":[]},{"given":"Chunfu","family":"Jia","sequence":"additional","affiliation":[]},{"given":"Huanguo","family":"Zhang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,3,10]]},"reference":[{"key":"15_CR1","unstructured":"One, A.: Smashing the stack for fun and profit. Phrack Magazine (1996)"},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the ACM CCS (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"15_CR3","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the ACM CCS (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Bletsch, T., Jiang, X., Freeh, V.W., Liang, Z.: Jump-oriented programming: a new class of code-reuse attack. In: Proceedings of the ACM ASIACCS (2011)","DOI":"10.1145\/1966913.1966919"},{"key":"15_CR5","doi-asserted-by":"crossref","unstructured":"Snow, K.Z., Monrose, F., Davi, L., Dmitrienko, A., Liebchen, C., Sadeghi, A.R.: Just-in-time code reuse: on the effectiveness of fine-grained address space layout randomization. In: Proceedings of the IEEE Symposium on Security and Privacy (2013)","DOI":"10.1109\/SP.2013.45"},{"key":"15_CR6","unstructured":"Davi, L., Sadeghi, A.R., Lehmann, D., Monrose, F.: Stitching the gadgets: on the ineffectiveness of coarse-grained control-flow integrity protection. In: Proceedings of the USENIX Security (2014)"},{"key":"15_CR7","unstructured":"Carlini, N., Wagner, D.: Rop is still dangerous: breaking modern defenses. In: Proceedings of the USENIX Security (2014)"},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to RISC. In: Proceedings of the ACM CCS (2008)","DOI":"10.1145\/1455770.1455776"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Francillon, A., Castelluccia, C.: Code injection attacks on harvard-architecture devices. In: Proceedings of the ACM CCS (2008)","DOI":"10.1145\/1455770.1455775"},{"key":"15_CR10","unstructured":"Team, P.: Pax address space layout randomization(ASLR) (2003). \n https:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"15_CR11","unstructured":"Apple: iOS securityguide (2014).\n https:\/\/www.apple.com\/business\/docs\/iOS_Security_Guide.pdf"},{"key":"15_CR12","unstructured":"Google: security enhancements in android 1.5through 4.1. \n https:\/\/source.android.com\/devices\/tech\/security\/enhancements\/enhancements41.html"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E.J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the ACM CCS (2004)","DOI":"10.1145\/1030083.1030124"},{"key":"15_CR14","unstructured":"Durden, T.: Bypassing pax ALSR protection. Phrack Magazine (2002)"},{"key":"15_CR15","unstructured":"Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: Proceedings of the USENIX Security (2003)"},{"key":"15_CR16","doi-asserted-by":"crossref","unstructured":"Chen, X., Slowinska, A., Andriesse, D., Bos, H., Giuffrida, C.: StackArmor: comprehensive protection from stack-based memory error vulnerabilities for binaries. In: Proceedings of the ISOC NDSS (2015)","DOI":"10.14722\/ndss.2015.23248"},{"key":"15_CR17","unstructured":"Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: Proceedings of the USENIX Security (2005)"},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Wartell, R., Mohan, V., Hamlen, K.W., Lin, Z.: Binary stirring: self-randomizing instruction addresses of legacy x86 binary code. In: Proceedings of the ACM CCS (2012)","DOI":"10.1145\/2382196.2382216"},{"key":"15_CR19","unstructured":"Zhang, C., Wei, T., Chen, Z., Duan, L., Szekeres, L., McCamant, S., Song, D., Zou, W.: Practical control flow integrity and randomization for binary executables. In: Proceedings of the IEEE Symposium on Security and Privacy (2013)"},{"key":"15_CR20","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1007\/978-3-642-21424-0_13","volume-title":"Future Challenges in Security and Privacy for Academia and Industry","author":"P O\u2019Sullivan","year":"2011","unstructured":"O\u2019Sullivan, P., Anand, K., Kotha, A., Smithson, M., Barua, R., Keromytis, A.D.: Retrofitting security in COTS software with binary rewriting. In: Camenisch, J., Fischer-H\u00fcbner, S., Murayama, Y., Portmann, A., Rieder, C. (eds.) SEC 2011. IFIP AICT, vol. 354, pp. 154\u2013172. Springer, Heidelberg (2011)"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Pappas, V., Polychronakis, M., Keromytis, A.: Smashing the gadgets: hindering return-oriented programming using in-place code randomization. In: Proceedings of the IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.41"},{"key":"15_CR22","unstructured":"Horn, J.: CVE-2014-7911 (2014). \n http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-7911"},{"key":"15_CR23","unstructured":"Horn, J.: CVE-2014-7911: Android \n \n \n \n $$<$$\n \n \n <\n \n \n 5.0 Privilege Escalation using ObjectInputStream (2014). \n http:\/\/seclists.org\/fulldisclosure\/2014\/Nov\/51"},{"key":"15_CR24","unstructured":"Lavi, Y., Markus, N.: CVE-2014-7911: A deep dive analysis of android system service vulnerability and exploitation (2015). \n http:\/\/goo.gl\/XMCM2J"},{"key":"15_CR25","unstructured":"retme7: Local root exploit for Nexus5 Android 4.4.4 (KTU84p) (2015).\n https:\/\/github.com\/retme7\/CVE-2014-7911_poc"},{"key":"15_CR26","unstructured":"Li, X.: Emerging stack pivoting exploits bypass common security (2013). \n https:\/\/goo.gl\/4FbVlF"},{"key":"15_CR27","doi-asserted-by":"crossref","unstructured":"Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., Davidson, J.W.: Ilr: where\u2019d my gadgets go?. In: Proceedings of the IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.39"},{"key":"15_CR28","doi-asserted-by":"crossref","unstructured":"Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: Proceedings of the ACM CCS (2003)","DOI":"10.1145\/948143.948146"},{"key":"15_CR29","doi-asserted-by":"crossref","unstructured":"Barrantes, E.G., Ackley, D.H., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the ACM CCS (2003)","DOI":"10.1145\/948109.948147"},{"key":"15_CR30","doi-asserted-by":"crossref","unstructured":"Davi, L., Liebchen, C., Sadeghi, A.R., Snow, K.Z., Monrose, F.: Isomeron: code randomization resilient to (just-in-time) return-oriented programming. In: Proceedings of the ISOC NDSS (2015)","DOI":"10.14722\/ndss.2015.23262"},{"key":"15_CR31","unstructured":"Microsoft: \/GS (buffer security check). \n https:\/\/msdn.microsoft.com\/en-us\/library\/8dbf701c.aspx"},{"key":"15_CR32","unstructured":"Cowan, C., Beattie, S., Johansen, J., Wagle, P.: Pointguard tm: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the USENIX Security (2003)"},{"key":"15_CR33","unstructured":"Vendicator: stack shield (2000). \n http:\/\/www.angelfire.com\/sk\/stackshield\/"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology - ICISC 2015"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-30840-1_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T13:53:04Z","timestamp":1559397184000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-30840-1_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319308395","9783319308401"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-30840-1_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}