1. Information Engineering University, Zhengzhou Henan 450001, China; 2. State Key Laboratory of Mathematical Engineering and Advanced Computing (Information Engineering University), Zhengzhou Henan 450001, China
LIN Jian, GUO Yudong, ZHOU Shaohuang. Protection method for global offset table based on address randomization and segment isolation[J]. Journal of Computer Applications, 2016, 36(7): 1852-1855.