Runtime countermeasures for code injection attacks against C and C++ programs | Zendy

Yves Younan | Zendy; Wouter Joosen | Zendy; Frank Piessens | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Runtime countermeasures for code injection attacks against C and C++ programs

Author(s) -

Yves Younan,

Wouter Joosen,

Frank Piessens

Publication year - 2012

Publication title -

acm computing surveys

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 2.079

H-Index - 163

eISSN - 1557-7341

pISSN - 0360-0300

DOI - 10.1145/2187671.2187679

Subject(s) - computer science , exploit , computer security , control flow , key (lock) , secure coding , code (set theory) , static analysis , software security assurance , information security , programming language , security service , set (abstract data type)

The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit these vulnerabilities to gain control over the execution flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. We provide a comprehensive and structured survey of vulnerabilities and countermeasures that operate at runtime. These countermeasures make different trade-offs in terms of performance, effectivity, compatibility, etc., making it hard to evaluate and compare countermeasures in a given context. We define a classification and evaluation framework on the basis of which countermeasures can be assessed.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research