Introduction

While memory safety is at the heart of preventing attacks via undefined semantic behavior, it is not the only approach to thwarting such attacks. Information flow, randomization, and canaries have also been used to detect attacks against undefined C program behavior. It is useful to be aware of these techniques and understand the tradeoffs between full memory safety and these other techniques.

Below are papers on various related topics to attack detection and prevention.

Information Flow Papers

• Real-World Buffer Overflow Protection for Userspace & Kernelspace
  Michael Dalton, Hari Kannan, and Christos Kozyrakis
  Proceedings of the Seventeenth Usenix Security Symposium, August 2008.
  


• Defeating Memory Corruption Attacks via Pointer Taintedness Detection
  Shuo Chen, Jun Xu, Nithin Nakka, Zbigniew Kalbarczyk, and Ravishankar K. Iyer
  Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN 2005), June 2005.
  


• Dynamic Taint Analysis: Automatic Detection, Analysis, and Signature Generation of Exploit Attacks on Commodity Software
  James Newsome and Dawn Song
  Proceedings of the Network and Distributed Systems Security Symposium , February 2005.
  

Randomization and Probabilistic Safety Papers

• Data Randomization
  Cristian Cadar, Periklis Akritidis, Manuel Costa, Jean-Philippe Martin, and Miguel Castro
  MSR-TR-2008-120, September 2008.
  


• Data Space Randomization
  Sandeep Bhatkar and R. Sekar
  Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2008), July 2008.
  


• Archipelago: Trading Address Space for Reliability and Security
  Vitaliy B. Lvin, Gene Novark, Emery D. Berger, and Benjamin G. Zorn
  Proceedings of the Thirteenth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '08), Seattle, WA, March 2008.
  


• DieHard: Probabilistic Memory Safety for Unsafe Languages
  Emery D. Berger and Benjamin G. Zorn
  Proceedings of the 2006 ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI 2006), Ottawa, Canada, June 2006.
  


• PointGuard™: Protecting Pointers From Buffer Overflow Vulnerabilities
  Crispin Cowan, Steve Beattie, John Johansen and Perry Wagle
  Proceedings of the Twelfth Usenix Security Symposium, Washington, D.C., August 2003.
  


• Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits
  Sandeep Bhatkar, Daniel DuVarney and R. Sekar
  Proceedings of the Twelfth Usenix Security Symposium, Washington, D.C., August 2003.
  


• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-overflow Attacks
  Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang
  Proceedings of the Seventh Usenix Security Symposium, San Antonio, Texas, January 1998.
  

Control Flow Integrity Papers

• KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels
  John Criswell, Nathan Dautenhahn, and Vikram Adve.
  Proceedings of the Thirty Fifth IEEE Symposium on Security and Privacy (Oakland 2014) , San Jose, CA, May 2014.
  


• Control Flow Integrity for COTS Binaries
  Mingwei Zhang and R. Sekar.
  Proceedings of the Twenty Second Usenix Security Symposium, Washington, D.C., August 2013.
  


• Practical Control Flow Integrity and Randomization for Binary Executables
  Chao Zhang, Tao Wei, Zhaofeng Chen, Lei Duan, Laszlo Szekeres, Stephen McCamant, Dawn Song, and Wei Zou.
  Proceedings of the Thirty Fourth IEEE Symposium on Security and Privacy (Oakland 2013) , San Francisco, CA, May 2013.
  


• Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing
  Bin Zeng, Gang Tan, and Greg Morrisett.
  Proceedings of the Eighteenth Conference on Computer and Communications Security , Chicago, IL, October 2011.
  


• HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity
  Zhi Wang and Xuxian Jiang.
  Proceedings of the Thirty First IEEE Symposium on Security and Privacy, Oakland, CA, May 2010.
  


• Control-flow Integrity Principles, Implementations, and Applications
  Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti
  ACM Transactions on Information and System Security (TISSEC 2009), October 2009.
  

Miscellaneous Papers

• Defeating Return-Oriented Rootkits with "Return-Less" Kernels
  Jinku Li, Zhi Wang, Xuxian Jiang, Michael Grace, and Sina Bahram.
  Proceedings of the Fifth European conference on Computer systems, Paris, France, April 2010.
  

General

Menageries

University of Illinois