Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015

3-319-25546-0

1 online resource (83 p.)

SpringerBriefs in Computer Science, , 2191-5768

005.8

Computer security

Computer programming

Programming languages (Electronic computers)

Computers

Systems and Data Security

Programming Techniques

Programming Languages, Compilers, Interpreters

Information Systems and Communication Service

Inglese

Description based upon print version of record.

Includes bibliographical references at the end of each chapters.

Introduction -- Background and Evolution of Code-Reuse Attacks -- Building Control-Flow Integrity Defenses -- Building Code Randomization Defenses -- Discussion and Conclusion.

This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET. Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented. Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level

students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.