Automated Software Diversity (Synthesis Lectures on Information Security, Privacy, and Trust) - Softcover
Inhaltsangabe
Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.
Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.
Über die Autorin bzw. den Autor
Per Larsen recently decided to try his luck as an entrepreneur and currently leads an information security startup: Immunant, Inc. Previously, he worked four years as a postdoctoral scholar at the University of California, Irvine. He graduated with a Ph.D. from the Technical University of Denmark in 2011. He enjoys caffeinated beverages and staying up very late.
Stefan Brunthaler received a Dr.techn. with distinction from TU Vienna in 2011 and spent the next four years as postdoctoral scholar at the University of California, Irvine. Currently, he is a key researcher at SBA Research in Vienna, Austria, working on various topics in language-based security.
Lucas Davi is a researcher at the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at Technische Universitat Darmstadt, Germany. He received his Ph.D. from Technische Universitat Darmstadt, Germany, in computer science, focusing on code-reuse attacks and defenses. His research focuses on exploits suchas return-oriented programming (ROP) for diverse processor architectures. He is working on new attack methods and countermeasures against exploits such as control-flow integrity and software diversity.
Ahmad-Reza Sadeghi is a full professor of Computer Science at Technische Universitat Darmstadt, Germany. He is the head of the System Security Lab at the Center for Advanced Security Research Darmstadt (CASED) and the Director of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He holds a Ph.D. in Computer Science from the University of Saarland in Saarbrucken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericsson Telecommunications.
Michael Franz is the director of the Secure Systems and Software Laboratory at the University of California, Irvine (UCI). He is a Full Professor of Computer Science in UCI's Donald Bren School of Information and Computer Sciences and a Full Professor of Electrical Engineering and Computer Science (by courtesy) in UCI's Henry Samueli School of Engineering. Prof. Franz was an early pioneer in the areas of mobile code and dynamic compilation. He created an early just-in-time compilation system, contributed to the theory and practice of continuous compilation and optimization, and co-invented the trace compilation technology that eventually became the JavaScript engine in Mozilla's Firefox browser. Franz received a Dr. sc. techn. degree in Computer Science and a Dipl. Informatik-Ing. ETH degree, both from the Swiss Federal Institute of Technology, ETH Zurich.
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Weitere beliebte Ausgaben desselben Titels
Suchergebnisse für Automated Software Diversity (Synthesis Lectures on...
Beispielbild für diese ISBN
Automated Software Diversity (Synthesis Lectures on Information Security, Privacy, and Trust)
Anbieter: Ria Christie Collections, Uxbridge, Vereinigtes Königreich
Verkäuferbewertung 5 von 5 Sternen
Zustand: New. In English. Artikel-Nr. ria9783031012181_new
Neu kaufen
EUR 34,10
EUR 13,84 Versand
Versand von Vereinigtes Königreich nach USA
Versand von Vereinigtes Königreich nach USA
Anzahl: Mehr als 20 verfügbar
Foto des Verkäufers
Automated Software Diversity
ISBN 10: 3031012186
ISBN 13: 9783031012181
Neu
Taschenbuch
Anbieter: AHA-BUCH GmbH, Einbeck, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Druck auf Anfrage Neuware - Printed after ordering - Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions. Artikel-Nr. 9783031012181
Neu kaufen
EUR 29,95
EUR 60,95 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 1 verfügbar
Foto des Verkäufers
Automated Software Diversity
Anbieter: preigu, Osnabrück, Deutschland
Verkäuferbewertung 5 von 5 Sternen
Taschenbuch. Zustand: Neu. Automated Software Diversity | Per Larsen (u. a.) | Taschenbuch | Synthesis Lectures on Information Security, Privacy, and Trust | xi | Englisch | 2015 | Springer | EAN 9783031012181 | Verantwortliche Person für die EU: Springer Verlag GmbH, Tiergartenstr. 17, 69121 Heidelberg, juergen[dot]hartmann[at]springer[dot]com | Anbieter: preigu. Artikel-Nr. 121975488
Neu kaufen
EUR 29,10
EUR 70,00 Versand
Versand von Deutschland nach USA
Versand von Deutschland nach USA
Anzahl: 5 verfügbar