Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Publication
- Publication Type
Articles 1 - 3 of 3
Full-Text Articles in Information Security
Advanced Code-Reuse Attacks: A Novel Framework For Jop, Bramwell J. Brizendine
Advanced Code-Reuse Attacks: A Novel Framework For Jop, Bramwell J. Brizendine
Masters Theses & Doctoral Dissertations
Return-oriented programming is the predominant code-reuse attack, where short gadgets or borrowed chunks of code ending in a RET instruction can be discovered in binaries. A chain of ROP gadgets placed on the stack can permit control flow to be subverted, allowing for arbitrary computation. Jump-oriented programming is a class of code-reuse attack where instead of using RET instructions, indirect jumps and indirect calls are utilized to subvert the control flow. JOP is important because can allow for important mitigations and protections against ROP to be bypassed, and some protections against JOP are imperfect. This dissertation presents a design science …
Binary Analysis Framework, Josh Stroschein
Binary Analysis Framework, Josh Stroschein
Masters Theses & Doctoral Dissertations
The binary analysis of software has become an integral activity for security researchers and attackers alike. As the value of being able to exploit a vulnerability has increased, the need to discover, fix and prevent such vulnerabilities has never been greater. This paper proposes the Binary Analysis Framework, which is intended to be used by security researchers to query and analyze information about system and third party libraries. Researchers can use the tool to evaluate and discover unknown vulnerabilities in these libraries. Furthermore, the framework can be utilized to analyze mitigation techniques implemented by operating system and thirdparty vendors. The …
Leveraging Automated Privacy Checking For Design Of Mobile Privacy Protection Mechanisms, Joseph Joo Keng Chan, Lingxiao Jiang, Kiat Wee Tan, Rajesh Balan
Leveraging Automated Privacy Checking For Design Of Mobile Privacy Protection Mechanisms, Joseph Joo Keng Chan, Lingxiao Jiang, Kiat Wee Tan, Rajesh Balan
Research Collection School Of Computing and Information Systems
While mobile platforms rely on developers to follow good practices in privacy design, developers might not always adhere. In addition, it is often difficult for users to understand the privacy behaviour of their applications without some prolonged usage. To aid in these issues, we describe on-going research to improve privacy protection by utilizing techniques that mine privacy information from application binaries as a grey-box (Automated Privacy Checking). The outputs can then be utilized to improve the users' ability to exercise privacy-motivated discretion. We conducted a user study to observe the effects of presenting information on leak-causing triggers within applications in …