Runtime Countermeasures for Code Injection Attacks Against C and C++ Programs

YVES YOUNAN; WOUTER JOOSEN; FRANK PIESSENS

首页> 外文期刊>ACM Computing Surveys >Runtime Countermeasures for Code Injection Attacks Against C and C++ Programs

【24h】

Runtime Countermeasures for Code Injection Attacks Against C and C++ Programs

机译：针对C和C ++程序的代码注入攻击的运行时对策

获取原文

获取原文并翻译 | 示例

开具论文收录证明 >>

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit these vulnerabilities to gain control over the execution flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. We provide a comprehensive and structured survey of vulnerabilities and countermeasures that operate at runtime. These countermeasures make different trade-offs in terms of performance, effectivity, compatibility, etc., making it hard to evaluate and compare countermeasures in a given context. We define a classification and evaluation framework on the basis of which countermeasures can be assessed.

机译：C / C ++中缺乏内存安全性通常会导致漏洞。代码注入攻击利用这些漏洞来控制应用程序的执行流程。这些攻击在许多重大安全事件中都发挥了关键作用。因此，存在大量的对策研究。我们提供了对运行时运行的漏洞和对策的全面结构化调查。这些对策在性能，有效性，兼容性等方面做出了不同的权衡，使得在给定背景下难以评估和比较对策。我们定义一个分类和评估框架，在此基础上可以评估对策。

著录项

来源
《ACM Computing Surveys》 |2012年第3期|p.17.1-17.28|共28页
作者
YVES YOUNAN; WOUTER JOOSEN; FRANK PIESSENS;
展开▼
作者单位

Katholieke Universiteit Leuven;

Katholieke Universiteit Leuven;

Katholieke Universiteit Leuven;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
code injection; countermeasures; C; C++;

机译：代码注入;对策;C;C ++;

相似文献

外文文献
中文文献
专利

1. Detecting Heap-Spraying Code Injection Attacks in Malicious Web Pages Using Runtime Execution [J] . YoungHan CHOI, HyoungChun KIM, DongHoon LEE IEICE Transactions on Communications . 2012,第5期

机译：使用运行时执行检测恶意网页中的堆喷射代码注入攻击
2. Runtime Defense against Code Injection Attacks Using Replicated Execution [J] . Salamat Babak, Jackson Todd, Wagner Gregor, Dependable and Secure Computing, IEEE Transactions on . 2011,第4期

机译：使用复制执行的代码注入攻击的运行时防御
3. An Effective Control Report Based Security Countermeasure against the Joint Attacks of False Report Injection Attack and Selective Forwarding Attack [J] . Hyun Woo Lee, Tae Ho Cho Wireless Sensor Network . 2012,第8期

机译：一种基于有效控制报告的安全措施，防范虚假报告注入攻击与选择性转发攻击的联合攻击
4. Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in C++ Applications [C] . Schuster Felix, Tendyck Thomas, Liebchen Christopher, IEEE Symposium on Security and Privacy . 2015

机译：伪造的面向对象程序设计：论C ++应用程序中防止代码重用攻击的难点
5. The effects of pseudocode in teaching the C++ programming language. [D] . Perugini, Saverio. 2000

机译：伪代码在教授C ++编程语言中的作用。
6. Programming and Runtime Support to Blaze FPGA Accelerator Deployment at Datacenter Scale [O] . Muhuan Huang, Di Wu, Cody Hao Yu, -1

机译：数据中心规模的Blaze FPGA加速器部署的编程和运行时支持
7. Runtime countermeasures for code injection attacks against C and C++ programs [O] . Yves Younan, Wouter Joosen, Frank Piessens 2013

机译：针对C和C ++程序的代码注入攻击的运行时对策

Runtime Countermeasures for Code Injection Attacks Against C and C++ Programs

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅