{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T12:12:36Z","timestamp":1763467956386},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642029172"},{"type":"electronic","value":"9783642029189"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-02918-9_7","type":"book-chapter","created":{"date-parts":[[2009,6,26]],"date-time":"2009-06-26T10:15:11Z","timestamp":1246011311000},"page":"107-126","source":"Crossref","is-referenced-by-count":37,"title":["Polymorphing Software by Randomizing Data Structure Layout"],"prefix":"10.1007","author":[{"given":"Zhiqiang","family":"Lin","sequence":"first","affiliation":[]},{"given":"Ryan D.","family":"Riley","sequence":"additional","affiliation":[]},{"given":"Dongyan","family":"Xu","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"7_CR1","unstructured":"Gnu compiler collection (gcc) internals, http:\/\/gcc.gnu.org\/onlinedocs\/gccint\/"},{"key":"7_CR2","unstructured":"Offensive computing, http:\/\/www.offensivecomputing.net\/"},{"key":"7_CR3","unstructured":"Using the gnu compiler collection (gcc), http:\/\/gcc.gnu.org\/onlinedocs\/gcc-4.2.4\/gcc\/"},{"key":"7_CR4","unstructured":"Vx heavens, http:\/\/vx.netlux.org\/"},{"key":"7_CR5","volume-title":"Compilers: Principles, Techniques and Tools","author":"A.V. Aho","year":"2006","unstructured":"Aho, A.V., Lam, M.S., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques and Tools, 2nd edn. Addison-Wesley, Reading (2006)","edition":"2"},{"key":"7_CR6","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1145\/948109.948147","volume-title":"Proceedings of the 10th ACM conference on Computer and communications security (CCS 2003)","author":"E.G. Barrantes","year":"2003","unstructured":"Barrantes, E.G., Ackley, D.H., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the 10th ACM conference on Computer and communications security (CCS 2003), pp. 281\u2013289. ACM, New York (2003)"},{"key":"7_CR7","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1145\/1133981.1134000","volume-title":"Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation (PLDI 2006)","author":"E.D. Berger","year":"2006","unstructured":"Berger, E.D., Zorn, B.G.: Diehard: probabilistic memory safety for unsafe languages. In: Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation (PLDI 2006), pp. 158\u2013168. ACM, New York (2006)"},{"key":"7_CR8","unstructured":"Bhatkar, E., Duvarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, pp. 105\u2013120 (2003)"},{"key":"7_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-70542-0_1","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S. Bhatkar","year":"2008","unstructured":"Bhatkar, S., Sekar, R.: Data space randomization. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol.\u00a05137, pp. 1\u201322. Springer, Heidelberg (2008)"},{"key":"7_CR10","unstructured":"Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: Proceedings of the 14th conference on USENIX Security Symposium, Berkeley, CA, USA (2005), USENIX Association"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: Automatic extraction of protocol format using dynamic binary analysis. In: Proceedings of the 14th ACM Conference on Computer and and Communications Security (CCS 2007) (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"7_CR12","unstructured":"Cadar, C., Akritidis, P., Costa, M., Martin, J.-P., Castro, M.: Data randomization. Technical Report MSR-TR-2008-120, Microsoft Research (2008)"},{"key":"7_CR13","unstructured":"Chew, M., Song, D.: Mitigating buffer overflows by operating system randomization. Technical Report CMU-CS-02-197, Carnegie Mellon University (2002)"},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"406","DOI":"10.1007\/978-3-540-87785-1_36","volume-title":"Software Technologies for Embedded and Ubiquitous Systems","author":"S. Cho","year":"2008","unstructured":"Cho, S., Chang, H., Cho, Y.: Implementation of an obfuscation tool for c\/c++ source code protection on the xscale architecture. In: Brinkschulte, U., Givargis, T., Russo, S. (eds.) SEUS 2008. LNCS, vol.\u00a05287, pp. 406\u2013416. Springer, Heidelberg (2008)"},{"key":"7_CR15","unstructured":"Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations (1997)"},{"key":"7_CR16","doi-asserted-by":"crossref","unstructured":"Comparetti, P.M., Wondracek, G., Kruegel, C., Kirda, E.: Prospex: Protocol specification extraction. In: Proceedings of 2009 IEEE Symposium on Security and Privacy, Oakland, CA (May 2009)","DOI":"10.1109\/SP.2009.14"},{"key":"7_CR17","unstructured":"Cowan, C., Beattie, S., Johansen, J., Wagle, P.: Pointguard: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the 12th conference on USENIX Security Symposium, Berkeley, CA, USA (2003), USENIX Association"},{"key":"7_CR18","unstructured":"Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-variant systems: a secretless framework for security through diversity. In: Proceedings of the 15th conference on USENIX Security Symposium, Berkeley, CA, USA (2006), USENIX Association"},{"key":"7_CR19","unstructured":"Cozzie, A., Stratton, F., Xue, H., King, S.T.: Digging for data structures. In: Proceeding of 8th Symposium on Operating System Design and Implementation (OSDI 2008) (December 2008)"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"Cui, W., Peinado, M., Chen, K., Wang, H.J., Irun-Briz, L.: Tupni: Automatic reverse engineering of input formats. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, VA (October 2008)","DOI":"10.1145\/1455770.1455820"},{"key":"7_CR21","doi-asserted-by":"crossref","unstructured":"Cui, W., Peinado, M., Wang, H.J., Locasto, M.: Shieldgen: Automatic data patch generation for unknown vulnerabilities with informed probing. In: Proceedings of 2007 IEEE Symposium on Security and Privacy, Oakland, CA (May 2007)","DOI":"10.1109\/SP.2007.34"},{"key":"7_CR22","unstructured":"Etoh, H.: GCC extension for protecting applications from stack-smashing attacks, ProPolice (2003), http:\/\/www.trl.ibm.com\/projects\/security\/ssp\/"},{"key":"7_CR23","first-page":"67","volume-title":"Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)","author":"S. Forrest","year":"1997","unstructured":"Forrest, S., Somayaji, A., Ackley, D.: Building diverse computer systems. In: Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI), Washington, DC, USA, p. 67. IEEE Computer Society, Los Alamitos (1997)"},{"key":"7_CR24","unstructured":"Garfinkel, T., Rosenblum, M.: A Virtual Machine Introspection Based Architecture for Intrusion Detection. In: Proc. Network and Distributed Systems Security Symposium (NDSS 2003) (February 2003)"},{"key":"7_CR25","unstructured":"Golovanevsky, O., Zaks, A.: Struct-reorg: current status and future perspectives. In: Proceedings of the GCC Developers\u2019 Summit (2007)"},{"key":"7_CR26","unstructured":"Hagog, M., Tice, C.: Cache aware data layout reorganization optimization in gcc. In: Proceedings of the GCC Developers\u2019 Summit (2005)"},{"key":"7_CR27","first-page":"209","volume-title":"Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007)","author":"X. Jiang","year":"2007","unstructured":"Jiang, X., Wang, H.J., Xu, D., Wang, Y.-M.: Randsys: Thwarting code injection attacks with system service interface randomization. In: Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007), Washington, DC, USA, pp. 209\u2013218. IEEE Computer Society, Los Alamitos (2007)"},{"key":"7_CR28","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1145\/948109.948146","volume-title":"Proceedings of the 10th ACM conference on Computer and communications security (CCS 2003)","author":"G.S. Kc","year":"2003","unstructured":"Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: Proceedings of the 10th ACM conference on Computer and communications security (CCS 2003), Washington D.C., USA, pp. 272\u2013280. ACM, New York (2003)"},{"key":"7_CR29","unstructured":"Lin, Z., Jiang, X., Xu, D., Zhang, X.: Automatic protocol format reverse engineering through context-aware monitored execution. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA (February 2008)"},{"key":"7_CR30","doi-asserted-by":"crossref","unstructured":"Lin, Z., Zhang, X.: Deriving input syntactic structure from execution. In: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 2008), Atlanta, GA, USA (November 2008)","DOI":"10.1145\/1453101.1453114"},{"issue":"3","key":"7_CR31","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1145\/332084.332092","volume":"4","author":"D. Low","year":"1998","unstructured":"Low, D.: Protecting java code via code obfuscation. Crossroads\u00a04(3), 21\u201323 (1998)","journal-title":"Crossroads"},{"key":"7_CR32","volume-title":"Proceedings of ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 007)","author":"G. Novark","year":"2007","unstructured":"Novark, G., Berger, E.D., Zorn, B.G.: Exterminator: automatically correcting memory errors with high probability. In: Proceedings of ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 007), San Diego, California, USA. ACM Press, New York (2007)"},{"key":"7_CR33","unstructured":"Percival, C.: Naive differences of executable code (2003), http:\/\/www.daemonology.net\/bsdiff\/"},{"key":"7_CR34","doi-asserted-by":"publisher","first-page":"271","DOI":"10.1109\/CGO.2007.36","volume-title":"Proceedings of the International Symposium on Code Generation and Optimization (CGO 2007)","author":"E. Raman","year":"2007","unstructured":"Raman, E., Hundt, R., Mannarswamy, S.: Structure layout optimization for multithreaded programs. In: Proceedings of the International Symposium on Code Generation and Optimization (CGO 2007), Washington, DC, USA, pp. 271\u2013282. IEEE Computer Society Press, Los Alamitos (2007)"},{"key":"7_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-87403-4_1","volume-title":"Recent Advances in Intrusion Detection","author":"R. Riley","year":"2008","unstructured":"Riley, R., Jiang, X., Xu, D.: Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds.) RAID 2008. LNCS, vol.\u00a05230, pp. 1\u201320. Springer, Heidelberg (2008)"},{"key":"7_CR36","unstructured":"Salamat, B., Gal, A., Yermolovich, A., Manivannan, K., Franz, M.: Reverse stack execution. Technical Report No. 07-07, University of California, Irvine (2007)"},{"key":"7_CR37","doi-asserted-by":"crossref","unstructured":"Seshadri, A., Luk, M., Qu, N., Perrig, A.: SecVisor: A Tiny Hypervisor to Guarantee Lifetime Kernel Code Integrity for Commodity OSes. In: Proceedings of the ACM Symposium on Operating Systems Principles (SOSP 2007) (October 2007)","DOI":"10.1145\/1294261.1294294"},{"key":"7_CR38","unstructured":"PaX Team. Pax address space layout randomization (aslr), http:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"7_CR39","first-page":"37","volume-title":"Proceedings of the 13th ACM Conference on Computer and Communication Security (CCS 2006)","author":"X. Wang","year":"2006","unstructured":"Wang, X., Li, Z., Xu, J., Reiter, M.K., Kil, C., Choi, J.Y.: Packet vaccine: Black-box exploit detection and signature generation. In: Proceedings of the 13th ACM Conference on Computer and Communication Security (CCS 2006), pp. 37\u201346. ACM Press, New York (2006)"},{"key":"7_CR40","unstructured":"Wondracek, G., Milani, P., Kruegel, C., Kirda, E.: Automatic network protocol analysis. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA (February 2008)"},{"key":"7_CR41","doi-asserted-by":"crossref","first-page":"260","DOI":"10.1109\/RELDIS.2003.1238076","volume-title":"Proceedings of the 22nd International Symposium on Reliable Distributed Systems (SRDS 2003)","author":"J. Xu","year":"2003","unstructured":"Xu, J., Kalbarczyk, Z., Iyer, R.K.: Transparent runtime randomization for security. In: Proceedings of the 22nd International Symposium on Reliable Distributed Systems (SRDS 2003), pp. 260\u2013269. IEEE Computer Society, Los Alamitos (2003)"},{"key":"7_CR42","doi-asserted-by":"crossref","unstructured":"Zhong, Y., Orlovich, M., Shen, X., Ding, C.: Array regrouping and structure splitting using whole-program reference affinity. In: Proceedings of the ACM SIGPLAN 2004 conference on Programming language design and implementation, PLDI 2004 (2004)","DOI":"10.1145\/996841.996872"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-02918-9_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T23:20:56Z","timestamp":1558394456000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-02918-9_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642029172","9783642029189"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-02918-9_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}