{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T17:46:40Z","timestamp":1743097600469,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":30,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642236433"},{"type":"electronic","value":"9783642236440"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-23644-0_6","type":"book-chapter","created":{"date-parts":[[2012,2,11]],"date-time":"2012-02-11T00:06:20Z","timestamp":1328918780000},"page":"101-120","source":"Crossref","is-referenced-by-count":11,"title":["Packed, Printable, and Polymorphic Return-Oriented Programming"],"prefix":"10.1007","author":[{"given":"Kangjie","family":"Lu","sequence":"first","affiliation":[]},{"given":"Dabi","family":"Zou","sequence":"additional","affiliation":[]},{"given":"Weiping","family":"Wen","sequence":"additional","affiliation":[]},{"given":"Debin","family":"Gao","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"6_CR1","unstructured":"W xor X, http:\/\/en.wikipedia.org\/wiki\/WX"},{"key":"6_CR2","unstructured":"Anagnostakis, K.G., Markatos, E.P.: An empirical study of real-world polymorphic code injection attacks. In: Proceedings of the 2nd USENIX Conference on Large-Scale Exploits and Emergent Threats (2009)"},{"key":"6_CR3","unstructured":"Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium (USENIX Security 2003) (2003)"},{"key":"6_CR4","unstructured":"Bhatkar, S., Sekar, R., DuVarney, D.C.: Efficient techniques for comprehensive protection from memory error exploits. In: Proceedings of the 14th USENIX Security Symposium (USENIX Security 2005) (2005)"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Bletsch, T., Jiang, X., Freeh, V.W.: Jump-oriented programming: A new class of code-reuse attack. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011 (2011)","DOI":"10.1145\/1966913.1966919"},{"key":"6_CR6","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to risc. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008 (2008)","DOI":"10.1145\/1455770.1455776"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.-R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010 (2010)","DOI":"10.1145\/1866307.1866370"},{"key":"6_CR8","unstructured":"Checkoway, S., Feldman, A.J., Kantor, B., Halderman, J.A., Felten, E.W., Shacham, H.: Can dres provide long-lasting security? the case of return-oriented programming and the avc advantage. In: Proceedings of the 2009 Electronic Voting Technology Workshop\/Workshop on Trustworthy Elections (2009)"},{"key":"6_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-642-10772-6_13","volume-title":"Information Systems Security","author":"P. Chen","year":"2009","unstructured":"Chen, P., Xiao, G., Shen, X., Yin, X., Mao, B., Xie, L.: Drop: Detecting return-oriented programming malicious code. In: Prakash, A., Sen Gupta, I. (eds.) ICISS 2009. LNCS, vol.\u00a05905, pp. 163\u2013177. Springer, Heidelberg (2009)"},{"key":"6_CR10","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A., Winandy, M.: Ropdefender: A detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2011 (2011)","DOI":"10.1145\/1966913.1966920"},{"key":"6_CR11","unstructured":"Detristan, T., Ulenspiegel, T., Malcom, Y., Underduk, M.S.V.: Polymorphic shellcode engine using spectrum analysis. Phrack magazine\u00a09(61) (August 2003), \n                    \n                      http:\/\/www.phrack.org\/issues.html?issue=61&id=9"},{"key":"6_CR12","doi-asserted-by":"crossref","unstructured":"Francillon, A., Castelluccia, C.: Code injection attacks on harvard-architecture devices. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008 (2008)","DOI":"10.1145\/1455770.1455775"},{"key":"6_CR13","doi-asserted-by":"crossref","unstructured":"Francillon, A., Perito, D., Castelluccia, C.: Defending embedded systems against control flow attacks. In: Proceedings of the First ACM Workshop on Secure Execution of Untrusted Code, SecuCode 2009 (2009)","DOI":"10.1145\/1655077.1655083"},{"key":"6_CR14","unstructured":"Greuff: Writing utf-8 compatible shellcodes. Phrack magazine\u00a0 9(62) (July 2004), \n                    \n                      http:\/\/www.phrack.org\/issues.html?issue=62&id=9\n                    \n                    \n                  ."},{"key":"6_CR15","unstructured":"Hund, R., Holz, T., Freiling, F.C.: Returnoriented rootkits: Bypassing kernel code integrity protection mechanisms. In: Proceedings of the 18th USENIX Security Symposium (USENIX Security 2009) (2009)"},{"key":"6_CR16","unstructured":"Kornau, T.: Return oriented programming for the arm architecture. Master\u2019s thesis. Ruhr-University Bochum, Germany (2009)"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Mason, J., Small, S., Monrose, F., MacManus, G.: English shellcode. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009 (2009)","DOI":"10.1145\/1653662.1653725"},{"key":"6_CR18","unstructured":"Obscou. Building ia32 \u2019unicode-proof\u2019 shellcodes. Phrack magazine\u00a011(61) (August 2003), \n                    \n                      http:\/\/www.phrack.org\/issues.html?issue=61&id=11"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Onarlioglu, K., Bilge, L., Lanzi, A., Balzarottie, D., Kirda, E.: G-free: Defeating return-oriented programming through gadget-less binaries. In: Proceedings of The 26th Annual Computer Security Applications Conference, ACSAC (2010)","DOI":"10.1145\/1920261.1920269"},{"key":"6_CR20","unstructured":"Pietrek, M.: A crash course on the depths of win32 structured exception handling. Microsoft Systems Journal (January 1997), \n                    \n                      http:\/\/www.microsoft.com\/msj\/0197\/exception\/exception.aspx"},{"key":"6_CR21","unstructured":"Rix: Writing ia32 alphanumeric shellcodes. Phrack magazine\u00a015(57) (August 2001), \n                    \n                      http:\/\/www.phrack.org\/issues.html?issue=57&id=15\n                    \n                    \n                  ."},{"key":"6_CR22","unstructured":"Roemer, R., Buchanan, E., Shacham, H., Savage, S.: Return-oriented program-ming: Systems, languages, and applications (2010), \n                    \n                      http:\/\/cseweb.ucsd.edu\/~hovav\/dist\/rop.pdf"},{"key":"6_CR23","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007 (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004 (2004)","DOI":"10.1145\/1030083.1030124"},{"key":"6_CR25","unstructured":"Stepan, A.: Improving proactive detection of packed malware. Virus Bulletin (2006)"},{"key":"6_CR26","volume-title":"The Art of Computer Virus Research and Defense","author":"P. Szor","year":"2005","unstructured":"Szor, P.: The Art of Computer Virus Research and Defense. Addison-Wesley Professional, Reading (February 2005)"},{"key":"6_CR27","unstructured":"PaX Team. Pax address space layout randomization, \n                    \n                      http:\/\/pax.grsecurity.net\/docs\/aslr.txt"},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Wang, Z., Cheng, R., Gao, D.: Revisiting address space randomization. In: Proceedings of the 13th Annual International Conference on Information Security and Cryptology, ICISC 2010 (2010)","DOI":"10.1007\/978-3-642-24209-0_14"},{"key":"6_CR29","unstructured":"Xu, J., Kalbarczyk, Z., Iyer, R.K.: Transparent runtime randomization for security. In: Symposium on Reliable and Distributed Systems, SRDS (2003)"},{"key":"6_CR30","unstructured":"Zovi, D.A.D.: Practical return-oriented programming (2010), \n                    \n                      http:\/\/trailofbits.com\/2010\/04\/26\/practical-return-oriented-programming\/"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-23644-0_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,4,27]],"date-time":"2019-04-27T12:04:57Z","timestamp":1556366697000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-23644-0_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642236433","9783642236440"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-23644-0_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}