{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,7]],"date-time":"2024-09-07T01:33:10Z","timestamp":1725672790367},"publisher-location":"Berlin, Heidelberg","reference-count":34,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642291005"},{"type":"electronic","value":"9783642291012"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-29101-2_20","type":"book-chapter","created":{"date-parts":[[2012,4,2]],"date-time":"2012-04-02T04:10:23Z","timestamp":1333339823000},"page":"289-300","source":"Crossref","is-referenced-by-count":4,"title":["Prevent Kernel Return-Oriented Programming Attacks Using Hardware Virtualization"],"prefix":"10.1007","author":[{"given":"Tian","family":"Shuo","sequence":"first","affiliation":[]},{"given":"He","family":"Yeping","sequence":"additional","affiliation":[]},{"given":"Ding","family":"Baozeng","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"20_CR1","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 552\u2013561 (2007)","DOI":"10.1145\/1315245.1315313"},{"key":"20_CR2","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to RISC. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 27\u201338 (2008)","DOI":"10.1145\/1455770.1455776"},{"key":"20_CR3","doi-asserted-by":"crossref","unstructured":"Checkoway, S., A. J. F., Kantor, B., Halderman, J.A., Felten, E.W., Schacham, H.: Can DREs provide long-lasing security? The case of return-oriented programming and the AVC Advantage. USENIX\/ACCURATE\/IVAoSS (2009)","DOI":"10.1145\/1866307.1866370"},{"key":"20_CR4","unstructured":"Kornau, T.: Return oriented programming for the ARM achitecture (2010)"},{"key":"20_CR5","unstructured":"Lidner, F.: Developments in Cisco IOS forensics (2009)"},{"key":"20_CR6","unstructured":"Dullien, T., Kornau, T., Weinmann, R.-P.: A framework for automated architecture-independent gadget search. In: Proceedings of the 4th USENIX Conference on Offensive Technologies, p. 1 (2010)"},{"key":"20_CR7","unstructured":"PaXTeam. Documentation for the PaX project"},{"key":"20_CR8","doi-asserted-by":"crossref","unstructured":"Barrantes, E.G., Ackley, D.H., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized instruction set emulation to disrupt binary code injection attacks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 281\u2013289 (2003)","DOI":"10.1145\/948109.948147"},{"key":"20_CR9","unstructured":"Cowan, C., Pu, C., Maier, D., Hintony, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th Conference on USENIX Security Symposium, vol.\u00a07, pp. 63\u201378 (1998)"},{"key":"20_CR10","doi-asserted-by":"crossref","unstructured":"Madan, B., Phoha, S., Trivedi, K.: StackOFFence: a technique for defending against buffer overflow attacks. In: Information Technology: Coding and Computing, ITCC 2005, pp. 656\u2013661 (2005)","DOI":"10.1109\/ITCC.2005.260"},{"key":"20_CR11","unstructured":"Tian Shuo, H.Y.: Ding Liping: SSGuard: a Nonlinear-enhanced Countermeasure against Stack-smashing Attacks. In: Proceedings of ICIMT 2010, vol.\u00a01, pp. 427\u2013433 (2010)"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., Walter, T.: Breaking the memory secrecy assumption. In: Proceedings of the Second European Workshop on System Security, pp. 1\u20138 (2009)","DOI":"10.1145\/1519144.1519145"},{"key":"20_CR13","doi-asserted-by":"crossref","unstructured":"Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., Boneh, D.: On the effectiveness of address-space randomization. In: Proceedings of the 11th ACM Conference on Computer and communications Security, pp. 298\u2013307 (2004)","DOI":"10.1145\/1030083.1030124"},{"key":"20_CR14","doi-asserted-by":"crossref","unstructured":"Roglia, G.F., Martignoni, L., Paleari, R., Bruschi, D.: Surgically returning to randomized lib (c). In: Computer Security Applications Conference, pp. 60\u201369 (2009)","DOI":"10.1109\/ACSAC.2009.16"},{"key":"20_CR15","unstructured":"Le, L.: Payload already inside: data re-use for ROP exploits. Black Hat (2010)"},{"key":"20_CR16","doi-asserted-by":"crossref","unstructured":"Li, J., Wang, Z., Jiang, X., Grace, M., Bahram, S.: Defeating return-oriented rootkits with \u201dReturn-Less\u201d kernels. In: Proceedings of the 5th European Conference on Computer systems, pp. 195\u2013208 (2010)","DOI":"10.1145\/1755913.1755934"},{"key":"20_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/978-3-642-10772-6_13","volume-title":"Information Systems Security","author":"P. Chen","year":"2009","unstructured":"Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B., Xie, L.: DROP: Detecting Return-Oriented Programming Malicious Code. In: Prakash, A., Sen Gupta, I. (eds.) ICISS 2009. LNCS, vol.\u00a05905, pp. 163\u2013177. Springer, Heidelberg (2009)"},{"key":"20_CR18","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.-R., Winandy, M.: ROPdefender: a detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pp. 40\u201351 (2011)","DOI":"10.1145\/1966913.1966920"},{"key":"20_CR19","unstructured":"Vladimir Kiriansky, D.B.: Saman Amarasinghe Secure Execution via Program Shepherding. In: 11th USENIX Security Symposium, pp. 191\u2013206 (2002)"},{"key":"20_CR20","unstructured":"Intel. IA-32 Intel Architecture Software Developer\u2019s Mannual Volume 3B: System Programming Guide, Part 1 (January 2006)"},{"key":"20_CR21","doi-asserted-by":"crossref","unstructured":"Sharif, M.I., Lee, W., Cui, W., Lanzi, A.: Secure in-VM monitoring using hardware virtualization. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 477\u2013487 (2009)","DOI":"10.1145\/1653662.1653720"},{"key":"20_CR22","unstructured":"http:\/\/www.Tux.org"},{"key":"20_CR23","unstructured":"Microsoft. Data Execution Prevention (2006)"},{"issue":"12","key":"20_CR24","first-page":"4034","volume":"43","author":"H. Eto","year":"2002","unstructured":"Eto, H., Yoda, K.: Propolice: Improved stack-smashing attack detection. Transactions of Information Processing Society of Japan\u00a043(12), 4034\u20134041 (2002)","journal-title":"Transactions of Information Processing Society of Japan"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"Younan, Y., Pozza, D., Piessens, F., Joosen, W.: Extended protection against stack smashing attacks without performance loss. In: 22nd Annual Computer Security Applications Conference, ACSAC 2006, pp. 429\u2013438 (2006)","DOI":"10.1109\/ACSAC.2006.27"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Francillon, A., Perito, D., Castelluccia, C.: Defending embedded systems against control flow attacks. In: Proceedings of the First ACM Workshop on Secure Execution of Untrusted Code, pp. 19\u201326 (2009)","DOI":"10.1145\/1655077.1655083"},{"key":"20_CR27","unstructured":"Frantzen, M., Shuey, M.: StackGhost: Hardware facilitated stack protection. In: SSYM 2001: Proceedings of the 10th Conference on USENIX Security Symposium, pp. 55\u201366 (2001)"},{"key":"20_CR28","doi-asserted-by":"crossref","unstructured":"Onarlioglu, K., Bilge, L., Lanzi, A., Balzarotti, D., Kirda, E.: G-Free: defeating return-oriented programming through gadget-less binaries. In: Proceedings of the 26th Annual Computer Security Applications Conference, pp. 49\u201358 (2010)","DOI":"10.1145\/1920261.1920269"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.-R., Winandy, M.: Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks. In: Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing, pp. 49\u201354 (2009)","DOI":"10.1145\/1655108.1655117"},{"issue":"1","key":"20_CR30","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1609956.1609960","volume":"13","author":"M. Abadi","year":"2009","unstructured":"Abadi, M., Erlingsson, M.B., Ligatti, J.: Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur.\u00a013(1), 1\u201340 (2009)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"20_CR31","doi-asserted-by":"crossref","unstructured":"Nick, L., Petroni, J., Hicks, M.: Automated detection of persistent kernel control-flow attacks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 103\u2013115 (2007)","DOI":"10.1145\/1315245.1315260"},{"key":"20_CR32","unstructured":"Riley, R., Jiang, X., Xu, D.: Guest-transparent prevention of kernel rootkits with vmm-based memory shadowing (2008)"},{"key":"20_CR33","unstructured":"Tzi-Cker Chiueh, F.-H.H.: RAD: a compile-time solution to buffer overflow attacks. icdcs. In: 21st IEEE International Conference on Distributed Computing Systems (ICDCS 2001), pp. 409\u2013417 (2001)"},{"key":"20_CR34","unstructured":"Vendicator. Stack Shield: A \u201dstack smashing\u201d technique protection tool for Linux"}],"container-title":["Lecture Notes in Computer Science","Information Security Practice and Experience"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-29101-2_20.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,11]],"date-time":"2022-01-11T19:21:01Z","timestamp":1641928861000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-29101-2_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642291005","9783642291012"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-29101-2_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}