Open Access
Smashing The Stack For Fun And Profit
A. One
- Vol. 7, Iss: 49
Reads0
Chats0
About:
The article was published on 1996-01-01 and is currently open access. It has received 951 citations till now. The article focuses on the topics: Stack buffer overflow.read more
Citations
More filters
Proceedings Article
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
Crispin Cowan,Calton Pu,Dave Maier,Heather Hintony,Jonathan Walpole,Peat Bakke,Steve Beattie,Aaron Grier,Perry Wagle,Qian Zhang +9 more
TL;DR: StackGuard is described: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties, and a set of variations on the technique that trade-off between penetration resistance and performance.
Proceedings ArticleDOI
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
TL;DR: A return-into-libc attack to be mounted on x86 executables that calls no functions at all is presented, and how to discover such instruction sequences by means of static analysis is shown.
Proceedings ArticleDOI
Spectre Attacks: Exploiting Speculative Execution
Paul C. Kocher,Jann Horn,Anders Fogh,Daniel Genkin,Daniel Gruss,Werner Haas,Mike Hamburg,Moritz Lipp,Stefan Mangard,Thomas Prescher,Michael Schwarz,Yuval Yarom +11 more
TL;DR: Spectre as mentioned in this paper is a side channel attack that can leak the victim's confidential information via side channel to the adversary. And it can read arbitrary memory from a victim's process.
Proceedings ArticleDOI
On the effectiveness of address-space randomization
TL;DR: Aderandomization attack is demonstrated that will convert any standard buffer-overflow exploit into an exploit that works against systems protected by address-space randomization, and it is concluded that, on 32-bit architectures, the only benefit of PaX-like address- space randomization is a small slowdown in worm propagation speed.
Proceedings ArticleDOI
Secure program execution via dynamic information flow tracking
TL;DR: This work presents a simple architectural mechanism called dynamic information flow tracking that can significantly improve the security of computing systems with negligible performance overhead and is transparent to users or application programmers.