[1] LÁSZLÓ ERDDI,JSANG A.Exploit prevention,quo vadis?[C]//Proceedings of International Workshop on Security and Trust Management.Washington D.C.,USA:IEEE Press,2017:15-23. [2] NERGA L.Advanced return-into-lib(c) exploits (PaX case study)[EB/OL].[2019-10-10].http://phrack.org/issues/58/4.html. [3] SHACHAM H.The geometry of innocent flesh on the bone:return-into-libc without function calls (on the x86)[C]//Proceedings of ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2007:552-561. [4] CHECKOWAY S,SHACHAM H.Escape from return-oriented programming:return-oriented programming without returns (on the x86)[EB/OL].[2019-10-10].https://hovav.net/ucsd/dist/noret.pdf. [5] SCHWARTZ E J,AVGERINOS T,BRUMLEY D.Q:exploit hardening made easy[C]//Proceedings of USENIX Security Symposium.San Diego,USA:USENIX Association,2011:25-41. [6] BRUMLEY D,SCHWARTZ E J.BAP:a binary analysis platform[C]//Proceedings of International Conference on Computer Aided Verification.Washington D.C.,USA:IEEE Press,2011:463-469. [7] FLANAGAN C,SAXE J B.Avoiding exponential explosion[J].ACM SIGPLAN Notices,2001,36(3):193-205. [8] JAGER I,BRUMLEY D.Efficient directionless weakest preconditions[EB/OL].[2019-10-10].https://www.cylab.cmu.edu/_files/pdfs/tech_reports/CMUCyLab 10002.pdf. [9] DIJKSTRA E.Dijkstra on hamming's problem[M].Berlin,Germany:Springer,1976. [10] HEITMAN C.BARF:a multiplatform open source binary analysis and reverse engineering framework[EB/OL].[2019-10-10].https://raw.githubusercontent.com/programa-stic/barf-project/master/doc/papers/barf.pdf. [11] FOLLNER A,BARTEL A,PENG H,et al.PSHAPE:automatically combining gadgets for arbitrary method execution[C]//Proceedings of International Workshop on Security and Trust Management.Washington D.C.,USA:IEEE Press,2016:212-228. [12] BOYAN-MILANOV.ROPgenerator[EB/OL].[2019-10-10].https://github.com/Boyan-MILANOV/ropgenerator. [13] ISPOGLOU K K,ALBASSAM B,JAEGER T,et al.Block oriented programming:automating data-only attacks[C]//Proceedings of 2018 ACM SIGSAC Conference on Computer and Communications Security.New York,USA:ACM Press,2018:1868-1882. [14] SNOW K Z,MONROSE F,DAVI L,et al.Just-in-time code reuse:on the effectiveness of fine-grained address space layout randomization[C]//Proceedings of 2013 IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Press,2013:574-588. [15] BLETSCH T,JIANG X,FREEH V W,et al.Jump-oriented programming:a new class of code-reuse attack[C]//Proceedings of the 6th ACM Symposium on Information,Computer and Communications Security.New York,USA:ACM Press,2011:30-40. [16] CHECKOWAY S,DAVI L,DMITRIENKO A,et al.Return-oriented programming without returns[C]//Proceedings of the 17th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2010:559-572. [17] SADEGHI A,NIKSEFAT S,ROSTAMIPOUR M.Pure-Call Oriented Programming (PCOP):chaining the gadgets using call instructions[J].Journal of Computer Virology and Hacking Techniques,2018,14(2):139-156. [18] DULLIEN T,PORST S.REIL:a platform-independent intermediate representation of disassembled code for static code analysis[EB/OL].[2019-10-10].http://www.zynamics.com/downloads/csw09.pdf. [19] NETHERCOTE N,SEWARD J.Valgrind:a framework for heavyweight dynamic binary instrumentation[J].ACM SIGPLAN Notices,2007,42(6):89-90. [20] SALWAN J.ROPgadget[EB/OL].[2019-10-10].https://github.com/JonathanSalwan/ROPgadget. |