Binary stirring 论文
2012引用 319
Advanced Malware Detection TechniquesSecurity and Verification in ComputingNetwork Security and Intrusion Detection
摘要
Unlike library code, whose instruction addresses can be randomized by address space layout randomization (ASLR), application binary code often has static instruction addresses. Attackers can exploit this limitation to craft robust shell codes for such applications, as demonstrated by a recent attack that reuses instruction gadgets from the static binary code of victim applications.