IEEE Transactions on Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing (TDSC) is a bimonthly journal that publishes archival research results focusing on foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. Read the full scope of TDSC


Expand your horizons with Colloquium, a monthly survey of abstracts from all CS transactions! Replaces OnlinePlus in January 2017.


From the July/August 2016 issue

Cloning Your Gadgets: Complete ROP Attack Immunity with Multi-Variant Execution

By Stijn Volckaert, Bart Coppens, and Bjorn De Sutter

Featured article thumbnail imageIn this paper, we present disjoint code layouts (DCL), a technique that complements multi-variant execution [1] and W$\oplus$ X protection to effectively immunize programs against control flow hijacking exploits such as return oriented programming (ROP) [2] and return-to-libc attacks [3]. DCL improves upon address space partitioning (ASP), an earlier technique presented to defeat memory exploits. Unlike ASP, our solution keeps the full virtual address space available to the protected program. Additionally, our combination of DCL with Multi-Variant Execution is transparent to both the user and the programmer and incurs much less overhead than other ROP defense tools, both in terms of run time and memory footprint.

download PDF View the PDF of this article      csdl View this issue in the digital library


Editorials and Announcements

Announcements

Call for Papers


Editorials


Guest Editorials


Reviewers List


Annual Index


Access recently published TDSC articles

RSS Subscribe to the RSS feed of latest TDSC content added to the digital library.

Mail Sign up for the Transactions Connection newsletter.


Swimming with Sharks: Security Roundtable