Page 287 - 《软件学报》2020年第11期

P. 287

3602 Journal of Software 软件学报 Vol.31, No.11, November 2020

[13] Carlini N, Wagner D. ROP is still dangerous: Breaking modern defenses. In: Proc. of the 23rd USENIX Security Symp. (USENIX
Security 2014). San Diego: USENIX Association, 2014. 385−399.
[14] Xia Y, Liu Y, Chen H, Zang B. CFIMon: Detecting violation of control flow integrity using performance counters. In: Proc. of the
IEEE/IFIP Int’l Conf. on Dependable Systems and Networks (DSN 2012). Boston: IEEE, 2012. 1−12. [doi: 10.1109/DSN.2012.
6263958]
[15] Christoulakis N, Christou G, Athanasopoulos E, Christoulakis N, Ioannidis S. HCFI: Hardware-enforced control-flow integrity. In:
Proc. of the 6th ACM on Conf. on Data and Application Security and Privacy (CODASPY 2016). New Orleans: ACM, 2016. 38−49.
[doi: 10.1145/2857705.2857722]
[16] Das S, Zhang W, Liu Y. A fine-grained control flow integrity approach against runtime memory attacks for embedded systems.
IEEE Trans. on Very Large Scale Integration Systems, 2016,24(11):3193−3207. [doi: 10.1109/TVLSI.2016.2548561]
[17] He W, Das S, Zhang W, Liu Y. No-jump-into-basic-block: Enforce basic block CFI on the fly for real-world binaries. In: Proc. of
the 54th Annual Design Automation Conf. (DAC). Austin: ACM, 2017. 23:1−23:6. [doi: 10.1145/3061639.3062291]
[18] Davi LV, Dmitrienko A, Nürnberger S, Sadeghi AR. Gadge me if you can: Secure and efficient ad-hoc instruction-level
randomization for x86 and ARM. In: Proc. of the 8th ACM Symp. on Information, Computer and Communications Security
(ASIACCS 2013). Hangzhou: ACM, 2013. 299−310. [doi: 10.1145/2484313.2484351]
[19] Koo H, Polychronakis M. Juggling the gadgets: Binary-level code randomization using instruction displacement. In: Proc. of the
11th ACM Symp. on Information, Computer and Communications Security (ASIACCS 2016). Xi’an: ACM, 2016. 23−34. [doi: 10.
1145/2897845.2897863]
[20] Pappas V, Polychronakis M, Keromytis AD. Smashing the gadgets: Hindering return-oriented programming using in-place code
randomization. In: Proc. of the 2012 IEEE Symp. on Security and Privacy (SP). San Francisco: IEEE, 2012. 601−615. [doi: 10.
1109/SP.2012.41]
[21] Chen X, Bos H, Giuffrida C. CodeArmor: Virtualizing the code space to counter disclosure attacks. In: Proc. of the 2017 IEEE
European Symp. on Security and Privacy (EuroS&P 2017). Paris: IEEE, 2017. 514−529. [doi: 10.1109/EuroSP.2017.17]
[22] Sinha K, Kemerlis VP, Sethumadhavan S. Reviving instruction set randomization. In: Proc. of the IEEE Int’l Symp. on Hardware
Oriented Security and Trust. McLean: IEEE, 2017. 21−28. [doi: 10.1109/HST.2017.7951732]
[23] Schwartz EJ, Avgerinos T, Brumley D. Q: Exploit hardening made easy. In: Proc. of the 20th USENIX Conf. on Security. San
Francisco: USENIX Association, 2011. 25−25.
[24] Wilander J, Nikiforakis N, Younan Y, et al. RIPE: Runtime intrusion prevention evaluator. In: Proc. of the 27th Annual Computer
Security Applications Conf. (ACSAC). Orlando: ACM, 2011. 41−50. [doi: 10.1145/2076732.2076739]

李威威(1990－),男,博士生,主要研究领域高伟毅(1992－),男,助理研究员,主要研究
为软件安全. 领域为图像识别,目标检测.

马越(1984－),男,博士,高级工程师,主要杨秋松(1977－),男,博士,研究员,博士生
研究领域为形式化方法,系统安全. 导师,CCF 专业会员,主要研究领域为软件
工程,形式化方法,系统安全.

王俊杰(1987－),女,博士,副研究员,主要李明树(1966－),男,博士,研究员,博士生
研究领域为智能软件工程. 导师,CCF 会士,主要研究领域为操作系统
深度设计(包括安全操作系统、数据操作
系统等),可信软件过程以及基础软硬件核
心技术与应用.

282 283 284 285 286 287 288 289 290 291 292