[1] LIU Tong,SHI Gang,MENG Dan.A survey of code reuse attack and defense mechanisms[J].Journal of Cyber Security,2016,1(2):15-27.(in Chinese) 柳童,史岗,孟丹.代码重用攻击与防御机制综述[J].信息安全学报,2016,1(2):15-27. [2] CHECKOWAY S,DAVI L,DMITRIENKO A,et al.Return-oriented programming without returns[C]//Proceedings of the 17th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2010:559-572. [3] WU Chenggang,LI Jianjun.Evolution of control flow integrity[J].China Education Network,2016(4):52-55.(in Chinese) 武成岗,李建军.控制流完整性的发展历程[J].中国教育网络,2016(4):52-55. [4] CLERCQ R D,VERBAUWHEDE I.A survey of hardware-based control flow integrity(CFI)[EB/OL].(2017-07-31)[2018-12-10].https://arxiv.org/ftp/arxiv/papers/1706/1706.07257.pdf. [5] WERNER M,UNTERLUGGAUER T,SCHAFFENRATH D,et al.Sponge-based control-flow protection for IoT devices[EB/OL].(2018-02-19)[2018-12-10].https://arxiv.org/pdf/1802.06691.pdf. [6] CHANG D.Sufficient conditions on padding schemes of sponge construction and sponge-based authenticated-encryption scheme[C]//Proceedings of International Conference on Cryptology in India.Berlin,Germany:Springer,2012:545-563. [7] ZHANG Jiliang,QI Binhang,QIN Zheng,et al.HCIC:hardware-assisted control-flow integrity checking[J].IEEE Internet of Things Journal,2018,6(1):458-471. [8] CLERCQ R D,KEULENAER R D,COPPENS B,et al.SOFIA:software and control flow integrity architecture[C]//Proceedings of Design,Automation and Test in Europe Conference and Exhibition.Washington D.C.,USA:IEEE Press,2016:1172-1177. [9] WILKEN K,SHEN J P.Continuous signature monitoring:low-cost concurrent detection of processor control errors[J].IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems,1990,9(6):629-641. [10] ZHANG Jun,HOU Rui,FAN Junfeng,et al.RAGuard:a hardware based mechanism for backward-edge control-flow integrity[C]//Proceedings of Computing Frontiers Conference.New York,USA:ACM Press,2017:27-34. [11] ABERA T,ASOKAN N,DAVI L,et al.C-FLAT:control-flow attestation for embedded systems software[C]//Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2016:743-754. [12] ARM Ltd.ARM security technology:building a secure system using TrustZone® technology[EB/OL].[2018-12-10].http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. [13] LAN Bingchen,LI Yan,SUN Hao,et al.Loop-oriented programming:a new code reuse attack to bypass modern defenses[C]//Proceedings of IEEE Trustcom/BigDataSE/ISPA.Washington D.C.,USA:IEEE Press,2015:190-197. [14] CHECKOWAY S,DAVI L,DMITRIENKO A,et al.Return-oriented programming without returns[C]//Proceedings of ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2010:559-572. [15] XING Xiao.Automated construction of Jump-Oriented Programming attacks[D].Nanjing:Nanjing University,2012.(in Chinese)邢骁.自动化构造Jump-Oriented Programming攻击[D].南京:南京大学,2012. [16] HU Hong,SHINDE S,ADRIAN S,et al.Data-oriented programming:on the expressiveness of non-control data attacks[C]//Proceedings of 2016 IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2016:969-986. [17] LIU Jiafen,ZHOU Mingtian.Research and taxonomy of replay attacks on security protocol[J].Application Research of Computers,2007,24(3):135-139.(in Chinese)刘家芬,周明天.对安全协议重放攻击的分类研究[J].计算机应用研究,2007,24(3):135-139. [18] RISC-V Foundation.The free and open RISC instruction set architecture[EB/OL].[2018-12-10].https://riscv.org/specifications. [19] GitHub Inc.An open-source microcontroller system based on RISC-V[EB/OL].[2018-12-10].https://github.com/pulp-platform/pulpino. |