search for: oakland2013

...Davi, Alexandra Dmitrienko, Christopher Liebchen, and Ahmad-Reza Sadeghi. Just-In-Time Code Resule: On the Effectiveness of Find-Grained Address Space Layout Randomization. In Proceedings of the IEEE Symposium on Security and Privacy ("Oakland") 2013. <http://cs.unc.edu/~fabian/papers/oakland2013.pdf> -- Stephen Checkoway

...rocedural analysis can improve the call graph results to make the program even more secure). I think diversity is a nice thing to have to provide defense in depth, but I currently think that CFI will provide the most bang for the buck. -- John T. [1] http://www.cs.berkeley.edu/~dawnsong/papers/Oakland2013-CCFIR-CR.pdf [2] http://www.eecs.harvard.edu/~greg/papers/cfiDataSandboxing.pdf > > Looking forward to seeing patches! > > Nick > > > _______________________________________________ > LLVM Developers mailing list > LLVMdev at cs.uiuc.edu http://llvm.cs.uiuc.edu &...

Greetings LLVM Devs! I am a PhD student in the Secure Systems and Software Lab at UC Irvine. We have been working on adding randomness into code generation to create a diverse population of binaries. This diversity prevents code-reuse attacks such as return-oriented-programming (ROP) by denying the attacker information about the exact code layout. ROP has been used is several high-profile recent

On 26 August 2013 11:39, Stephen Crane <sjcrane at uci.edu> wrote: > Greetings LLVM Devs! > > I am a PhD student in the Secure Systems and Software Lab at UC > Irvine. We have been working on adding randomness into code generation > to create a diverse population of binaries. This diversity prevents > code-reuse attacks such as return-oriented-programming (ROP) by >