CYSEC researchers publish book „Building Secure Defenses Against Code-Reuse Attacks“
16.12.2015
SpringerBriefs in Computer Science
Prof. Dr. Ahmad-Reza Sadeghi and Dr. Lucas Davi published a book about defenses against code-reuse attacks in the series „SpringerBriefs in Computer Science“.
Link to the and Springer website. TU Darmstadt's publication database
Abstract
This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET.
Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented.
Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.
More information
Please directly contact the authors, . Prof. Sadeghi and Dr. Davi