{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T04:40:49Z","timestamp":1743136849992,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642224232"},{"type":"electronic","value":"9783642224249"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22424-9_12","type":"book-chapter","created":{"date-parts":[[2011,6,20]],"date-time":"2011-06-20T06:37:35Z","timestamp":1308551855000},"page":"194-213","source":"Crossref","is-referenced-by-count":8,"title":["Code Pointer Masking: Hardening Applications against Code Injection Attacks"],"prefix":"10.1007","author":[{"given":"Pieter","family":"Philippaerts","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yves","family":"Younan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stijn","family":"Muylle","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Frank","family":"Piessens","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sven","family":"Lachmund","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"Walter","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","unstructured":"National Institute of Standards and Technology, National vulnerability database statistics, http:\/\/nvd.nist.gov\/statistics.cfm"},{"key":"12_CR2","unstructured":"Etoh, H., Yoda, K.: Protecting from stack-smashing attacks. tech. rep., IBM Research Divison (June 2000)"},{"key":"12_CR3","doi-asserted-by":"crossref","unstructured":"Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., Walter, T.: Breaking the memory secrecy assumption. In: Proceedings of the European Workshop on System Security (Eurosec), Nuremberg, Germany (March 2009)","DOI":"10.1145\/1519144.1519145"},{"key":"12_CR4","first-page":"423","volume":"33","author":"K.S. Lhee","year":"2003","unstructured":"Lhee, K.S., Chapin, S.J.: Buffer overflow and format string overflow vulnerabilities. Software: Practice and Experience\u00a033, 423\u2013460 (2003)","journal-title":"Software: Practice and Experience"},{"key":"12_CR5","unstructured":"Bhatkar, S., Duvarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, USENIX Association (August 2003)"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E.J., Modadugu, N., Boneh, D.: On the Effectiveness of Address-Space Randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security (October 2004)","DOI":"10.1145\/1030083.1030124"},{"key":"12_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-11747-3_1","volume-title":"Engineering Secure Software and Systems","author":"F. Gadaleta","year":"2010","unstructured":"Gadaleta, F., Younan, Y., Joosen, W.: BuBBle: A javascript engine level countermeasure against heap-spraying attacks. In: Massacci, F., Wallach, D., Zannone, N. (eds.) ESSoS 2010. LNCS, vol.\u00a05965, pp. 1\u201317. Springer, Heidelberg (2010)"},{"key":"12_CR8","unstructured":"Wojtczuk, R.: Defeating solar designer non-executable stack patch. Posted on the Bugtraq mailinglist (February 1998)"},{"key":"12_CR9","doi-asserted-by":"crossref","first-page":"552","DOI":"10.1145\/1315245.1315313","volume-title":"Proceedings of the 14th ACM Conference on Computer and Communications Security","author":"H. Shacham","year":"2007","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552\u2013561. ACM Press, Washington, D.C., U.S.A (2007)"},{"key":"12_CR10","unstructured":"Skape, Skywing.: Bypassing windows hardware-enforced data execution prevention (Uninformed) vol.\u00a02 (September 2005)"},{"key":"12_CR11","doi-asserted-by":"crossref","first-page":"340","DOI":"10.1145\/1102120.1102165","volume-title":"Proceedings of the 12th ACM Conference on Computer and Communications Security","author":"M. Abadi","year":"2005","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 340\u2013353. ACM, Alexandria (2005)"},{"key":"12_CR12","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1109\/ACSAC.2006.27","volume-title":"Proceedings of the Twenty-Second Annual Computer Security Applications Conference (ACSAC 2006)","author":"Y. Younan","year":"2006","unstructured":"Younan, Y., Pozza, D., Piessens, F., Joosen, W.: Extended protection against stack smashing attacks without performance loss. In: Proceedings of the Twenty-Second Annual Computer Security Applications Conference (ACSAC 2006), pp. 429\u2013438. IEEE Press, Los Alamitos (2006)"},{"key":"12_CR13","volume-title":"Proceedings of the 7th USENIX Security Symposium","author":"C. Cowan","year":"1998","unstructured":"Cowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX Security Symposium, USENIX Association, San Antonio (1998)"},{"key":"12_CR14","unstructured":"Cowan, C., Beattie, S., Johansen, J., Wagle, P.: PointGuard: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the 12th USENIX Security Symposium, pp. 91\u2013104. USENIX Association (August 2003)"},{"key":"12_CR15","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/2.869367","volume":"33","author":"J.L. Henning","year":"2000","unstructured":"Henning, J.L.: Spec cpu2000: Measuring cpu performance in the new millennium. Computer\u00a033, 28\u201335 (2000)","journal-title":"Computer"},{"key":"12_CR16","unstructured":"Erlingsson, U.: Low-level software security: Attacks and defenses. Tech. Rep. MSR-TR-2007-153, Microsoft Research (2007)"},{"key":"12_CR17","unstructured":"Younan, Y., Joosen, W., Piessens, F.: Runtime countermeasures for code injection attacks against c and c++ programs. ACM Computing Surveys (2010)"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Oiwa, Y., Sekiguchi, T., Sumii, E., Yonezawa, A.: Fail-safe ANSI-C compiler: An approach to making C programs secure: Progress report. In: Proceedings of International Symposium on Software Security (November 2002)","DOI":"10.1007\/3-540-36532-X_9"},{"key":"12_CR19","unstructured":"Akritidis, P., Costa, M., Castro, M., Hand, S.: Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors. In: Proceedings of the 18th USENIX Security Symposium, Montreal, QC (August 2009)"},{"key":"12_CR20","volume-title":"Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS)","author":"Y. Younan","year":"2010","unstructured":"Younan, Y., Philippaerts, P., Cavallaro, L., Sekar, R., Piessens, F., Joosen, W.: Paricheck: An efficient pointer arithmetic checker for c programs. In: Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), ACM, Bejing (2010)"},{"key":"12_CR21","unstructured":"The PaX Team, Documentation for the PaX project."},{"key":"12_CR22","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1145\/948109.948147","volume-title":"Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003)","author":"E.G. Barrantes","year":"2003","unstructured":"Barrantes, E.G., Ackley, D.H., Forrest, S., Palmer, T.S., Stefanovi\u0107, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003), pp. 281\u2013289. ACM, New York (2003)"},{"key":"12_CR23","doi-asserted-by":"publisher","first-page":"409","DOI":"10.1109\/ICDSC.2001.918971","volume-title":"Proceedings of the 21st International Conference on Distributed Computing Systems","author":"T. Chiueh","year":"2001","unstructured":"Chiueh, T., Hsu, F.H.: RAD: A compile-time solution to buffer overflow attacks. In: Proceedings of the 21st International Conference on Distributed Computing Systems, pp. 409\u2013420. IEEE Computer Society, Phoenix (2001)"},{"key":"12_CR24","volume-title":"Proceedings of the 15th USENIX Security Symposium","author":"S. Mccamant","year":"2006","unstructured":"Mccamant, S., Morrisett, G.: Evaluating SFI for a CISC architecture. In: Proceedings of the 15th USENIX Security Symposium, USENIX Association, Vancouver (2006)"},{"key":"12_CR25","volume-title":"Proceedings of the 11th USENIX Security Symposium","author":"V. Kiriansky","year":"2002","unstructured":"Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure execution via program shepherding. In: Proceedings of the 11th USENIX Security Symposium, USENIX Association, San Francisco (August 2002)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22424-9_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,25]],"date-time":"2021-11-25T23:18:47Z","timestamp":1637882327000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22424-9_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642224232","9783642224249"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22424-9_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}