Per Larsen & Ahmad-Reza Sadeghi 
The Continuing Arms Race [EPUB ebook] 
Code-Reuse Attacks and Defenses

Ủng hộ

As human activities moved to the digital domain, so did all the well-known malicious behaviors including fraud, theft, and other trickery. There is no silver bullet, and each security threat calls for a specific answer. One specific threat is that applications accept malformed inputs, and in many cases it is possible to craft inputs that let an intruder take full control over the target computer system.

The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs.

The solutions explored include enforcement-type defenses, which excludes certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.

€64.99
phương thức thanh toán

Mục lục

Table of Contents: Preface / 1. How Memory Safety Violations Enable Exploitation of Programs / 2. Protecting Dynamic Code / 3. Diversity and Information Leaks / 4. Code-Pointer Integrity / 5. Evaluating Control-Flow Restricting Defenses / 6. Attacking Dynamic Code / 7. Hardware Control Flow Integrity / 8. Multi-Variant Execution Environments / References / Contributor Biographies

Giới thiệu về tác giả

Ahmad Sadeghi is a full professor of Computer Science at TU Darmstadt, Germany, and the Director of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He holds a Ph.D. in computer science from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in research and development for telecommunications enterprises, amongst others Ericsson Telecommunications. He is editor-in-chief of IEEE Security and Privacy Magazine, and on the editorial board of ACMBooks. He served five years on the editorial board of the ACM Transactions on Information and System Security (TISSEC), and was guest editor of the IEEE Transactions on Computer-Aided Design (Special Issue on Hardware Security and Trust).

Mua cuốn sách điện tử này và nhận thêm 1 cuốn MIỄN PHÍ!
Ngôn ngữ Anh ● định dạng EPUB ● Trang 302 ● ISBN 9781970001822 ● Kích thước tập tin 7.4 MB ● Biên tập viên Per Larsen & Ahmad-Reza Sadeghi ● Nhà xuất bản Association for Computing Machinery and Morgan & Claypool Publishers ● Thành phố San Rafael ● Quốc gia US ● Được phát hành 2018 ● Có thể tải xuống 24 tháng ● Tiền tệ EUR ● TÔI 6184496 ● Sao chép bảo vệ Adobe DRM
Yêu cầu trình đọc ebook có khả năng DRM

Thêm sách điện tử từ cùng một tác giả / Biên tập viên

16.598 Ebooks trong thể loại này