Suche senden
Hochladen
Exploit techniques and mitigation
•
1 gefällt mir
•
1,931 views
Yaniv Shani
Folgen
Overview of Exploit techniques and mitigation options
Weniger lesen
Mehr lesen
Internet
Melden
Teilen
Melden
Teilen
1 von 18
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
Low Level Exploits
Low Level Exploits
hughpearse
127 Ch 2: Stack overflows on Linux
127 Ch 2: Stack overflows on Linux
Sam Bowne
CNIT 127: Ch 8: Windows overflows (Part 2)
CNIT 127: Ch 8: Windows overflows (Part 2)
Sam Bowne
CNIT 127: 4: Format string bugs
CNIT 127: 4: Format string bugs
Sam Bowne
Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011
Tim Bunce
CNIT 127: Ch 8: Windows overflows (Part 1)
CNIT 127: Ch 8: Windows overflows (Part 1)
Sam Bowne
Introduce to Terraform
Introduce to Terraform
Samsung Electronics
Tp install anything
Tp install anything
Alessandro Franceschi
Empfohlen
Low Level Exploits
Low Level Exploits
hughpearse
127 Ch 2: Stack overflows on Linux
127 Ch 2: Stack overflows on Linux
Sam Bowne
CNIT 127: Ch 8: Windows overflows (Part 2)
CNIT 127: Ch 8: Windows overflows (Part 2)
Sam Bowne
CNIT 127: 4: Format string bugs
CNIT 127: 4: Format string bugs
Sam Bowne
Perl Dist::Surveyor 2011
Perl Dist::Surveyor 2011
Tim Bunce
CNIT 127: Ch 8: Windows overflows (Part 1)
CNIT 127: Ch 8: Windows overflows (Part 1)
Sam Bowne
Introduce to Terraform
Introduce to Terraform
Samsung Electronics
Tp install anything
Tp install anything
Alessandro Franceschi
CNIT 126 13: Data Encoding
CNIT 126 13: Data Encoding
Sam Bowne
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
NAVER Engineering
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Anton Babenko
Internship final report@Treasure Data Inc.
Internship final report@Treasure Data Inc.
Ryuichi ITO
Terraform day1
Terraform day1
Gourav Varma
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
Maxim Kharchenko
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Elvin Gentiles
EKON 24 ML_community_edition
EKON 24 ML_community_edition
Max Kleiner
Reverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniques
Eran Goldstein
CNIT 126 5: IDA Pro
CNIT 126 5: IDA Pro
Sam Bowne
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723
Iftach Ian Amit
The Why and How of Scala at Twitter
The Why and How of Scala at Twitter
Alex Payne
Recursion & Erlang, FunctionalConf 14, Bangalore
Recursion & Erlang, FunctionalConf 14, Bangalore
Bhasker Kode
Flink history, roadmap and vision
Flink history, roadmap and vision
Stephan Ewen
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
Maxim Kharchenko
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend
Alexandre Moneger
Terraform modules and (some of) best practices
Terraform modules and (some of) best practices
Anton Babenko
Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...
Lucas Leong
Going FaaSter, Functions as a Service at Netflix
Going FaaSter, Functions as a Service at Netflix
Yunong Xiao
Buffer Overflows
Buffer Overflows
Sumit Kumar
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
securityxploded
Smashing The Stack
Smashing The Stack
Daniele Bellavista
Weitere ähnliche Inhalte
Was ist angesagt?
CNIT 126 13: Data Encoding
CNIT 126 13: Data Encoding
Sam Bowne
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
NAVER Engineering
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Anton Babenko
Internship final report@Treasure Data Inc.
Internship final report@Treasure Data Inc.
Ryuichi ITO
Terraform day1
Terraform day1
Gourav Varma
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
Maxim Kharchenko
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Elvin Gentiles
EKON 24 ML_community_edition
EKON 24 ML_community_edition
Max Kleiner
Reverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniques
Eran Goldstein
CNIT 126 5: IDA Pro
CNIT 126 5: IDA Pro
Sam Bowne
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723
Iftach Ian Amit
The Why and How of Scala at Twitter
The Why and How of Scala at Twitter
Alex Payne
Recursion & Erlang, FunctionalConf 14, Bangalore
Recursion & Erlang, FunctionalConf 14, Bangalore
Bhasker Kode
Flink history, roadmap and vision
Flink history, roadmap and vision
Stephan Ewen
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
Maxim Kharchenko
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend
Alexandre Moneger
Terraform modules and (some of) best practices
Terraform modules and (some of) best practices
Anton Babenko
Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...
Lucas Leong
Going FaaSter, Functions as a Service at Netflix
Going FaaSter, Functions as a Service at Netflix
Yunong Xiao
Buffer Overflows
Buffer Overflows
Sumit Kumar
Was ist angesagt?
(20)
CNIT 126 13: Data Encoding
CNIT 126 13: Data Encoding
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
[네이버오픈소스세미나] What’s new in Zipkin - Adrian Cole
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Preview of Terraform 0.12 + modules.tf - Kiev HUG meetup
Internship final report@Treasure Data Inc.
Internship final report@Treasure Data Inc.
Terraform day1
Terraform day1
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
Smash the Stack: Writing a Buffer Overflow Exploit (Win32)
EKON 24 ML_community_edition
EKON 24 ML_community_edition
Reverse engineering - Shellcodes techniques
Reverse engineering - Shellcodes techniques
CNIT 126 5: IDA Pro
CNIT 126 5: IDA Pro
LD_PRELOAD Exploitation - DC9723
LD_PRELOAD Exploitation - DC9723
The Why and How of Scala at Twitter
The Why and How of Scala at Twitter
Recursion & Erlang, FunctionalConf 14, Bangalore
Recursion & Erlang, FunctionalConf 14, Bangalore
Flink history, roadmap and vision
Flink history, roadmap and vision
0.5mln packets per second with Erlang
0.5mln packets per second with Erlang
06 - ELF format, knowing your friend
06 - ELF format, knowing your friend
Terraform modules and (some of) best practices
Terraform modules and (some of) best practices
Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...
Going FaaSter, Functions as a Service at Netflix
Going FaaSter, Functions as a Service at Netflix
Buffer Overflows
Buffer Overflows
Andere mochten auch
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
securityxploded
Smashing The Stack
Smashing The Stack
Daniele Bellavista
Introduction to Linux Exploit Development
Introduction to Linux Exploit Development
johndegruyter
Introduction to pointers and memory management in C
Introduction to pointers and memory management in C
Uri Dekel
Debugging Applications with GNU Debugger
Debugging Applications with GNU Debugger
Priyank Kapadia
How Functions Work
How Functions Work
Saumil Shah
Insecure coding in C (and C++)
Insecure coding in C (and C++)
Olve Maudal
Ctf hello,world!
Ctf hello,world!
Hacks in Taiwan (HITCON)
Basic of Exploitation
Basic of Exploitation
Jongseok Choi
Secure 360 adversary simulation
Secure 360 adversary simulation
Chris Hernandez
DbiFuzz framework #ZeroNights E.0x03 slides
DbiFuzz framework #ZeroNights E.0x03 slides
Peter Hlavaty
Reliable Windows Heap Exploits
Reliable Windows Heap Exploits
amiable_indian
Exploit development 101 - Part 1 - Null Singapore
Exploit development 101 - Part 1 - Null Singapore
Mohammed A. Imran
Racing with Droids
Racing with Droids
Peter Hlavaty
Power of linked list
Power of linked list
Peter Hlavaty
How2heap
How2heap
Seonghwan Cho
Tersine Mühendislik 101
Tersine Mühendislik 101
Fatih Erdoğan
Attacking the Webkit heap [Or how to write Safari exploits]
Attacking the Webkit heap [Or how to write Safari exploits]
Seguridad Apple
How Safe is your Link ?
How Safe is your Link ?
Peter Hlavaty
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
Peter Hlavaty
Andere mochten auch
(20)
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
Reversing & Malware Analysis Training Part 4 - Assembly Programming Basics
Smashing The Stack
Smashing The Stack
Introduction to Linux Exploit Development
Introduction to Linux Exploit Development
Introduction to pointers and memory management in C
Introduction to pointers and memory management in C
Debugging Applications with GNU Debugger
Debugging Applications with GNU Debugger
How Functions Work
How Functions Work
Insecure coding in C (and C++)
Insecure coding in C (and C++)
Ctf hello,world!
Ctf hello,world!
Basic of Exploitation
Basic of Exploitation
Secure 360 adversary simulation
Secure 360 adversary simulation
DbiFuzz framework #ZeroNights E.0x03 slides
DbiFuzz framework #ZeroNights E.0x03 slides
Reliable Windows Heap Exploits
Reliable Windows Heap Exploits
Exploit development 101 - Part 1 - Null Singapore
Exploit development 101 - Part 1 - Null Singapore
Racing with Droids
Racing with Droids
Power of linked list
Power of linked list
How2heap
How2heap
Tersine Mühendislik 101
Tersine Mühendislik 101
Attacking the Webkit heap [Or how to write Safari exploits]
Attacking the Webkit heap [Or how to write Safari exploits]
How Safe is your Link ?
How Safe is your Link ?
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
You didnt see it’s coming? "Dawn of hardened Windows Kernel"
Ähnlich wie Exploit techniques and mitigation
Building a REST API Microservice for the DevNet API Scavenger Hunt
Building a REST API Microservice for the DevNet API Scavenger Hunt
Ashley Roach
How to Reverse Engineer Web Applications
How to Reverse Engineer Web Applications
Jarrod Overson
Refactoring tools for Perl code
Refactoring tools for Perl code
Dagfinn Reiersøl
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
Codemotion
Reactive Cocoa Lightning Talk
Reactive Cocoa Lightning Talk
M. Robert Spryn
Sitecore development approach evolution – destination helix
Sitecore development approach evolution – destination helix
Peter Nazarov
Hyperloglog Lightning Talk
Hyperloglog Lightning Talk
Simon Prickett
Intro to CakePHP
Intro to CakePHP
Walther Lalk
Testing Rapidly Changing Applications With Self-Testing Object-Oriented Selen...
Testing Rapidly Changing Applications With Self-Testing Object-Oriented Selen...
seleniumconf
Writing Code to Work Against any Salesforce Object
Writing Code to Work Against any Salesforce Object
Salesforce Developers
Apigility-powered API's on IBM i
Apigility-powered API's on IBM i
chukShirley
Tool up your lamp stack
Tool up your lamp stack
AgileOnTheBeach
Tool Up Your LAMP Stack
Tool Up Your LAMP Stack
Lorna Mitchell
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON
Jenkins vs. AWS CodePipeline (AWS User Group Berlin)
Jenkins vs. AWS CodePipeline (AWS User Group Berlin)
Steffen Gebert
Java Core | JavaFX 2.0: Great User Interfaces in Java | Simon Ritter
Java Core | JavaFX 2.0: Great User Interfaces in Java | Simon Ritter
JAX London
Code igniter overview
Code igniter overview
umesh patil
Cocoapods in action
Cocoapods in action
Han Qin
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
E. Camden Fisher
Pentesting iOS Apps - Runtime Analysis and Manipulation
Pentesting iOS Apps - Runtime Analysis and Manipulation
Andreas Kurtz
Ähnlich wie Exploit techniques and mitigation
(20)
Building a REST API Microservice for the DevNet API Scavenger Hunt
Building a REST API Microservice for the DevNet API Scavenger Hunt
How to Reverse Engineer Web Applications
How to Reverse Engineer Web Applications
Refactoring tools for Perl code
Refactoring tools for Perl code
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
To ∞ (~65K) and beyond! - Sebastiano Gottardo - Codemotion Milan 2016
Reactive Cocoa Lightning Talk
Reactive Cocoa Lightning Talk
Sitecore development approach evolution – destination helix
Sitecore development approach evolution – destination helix
Hyperloglog Lightning Talk
Hyperloglog Lightning Talk
Intro to CakePHP
Intro to CakePHP
Testing Rapidly Changing Applications With Self-Testing Object-Oriented Selen...
Testing Rapidly Changing Applications With Self-Testing Object-Oriented Selen...
Writing Code to Work Against any Salesforce Object
Writing Code to Work Against any Salesforce Object
Apigility-powered API's on IBM i
Apigility-powered API's on IBM i
Tool up your lamp stack
Tool up your lamp stack
Tool Up Your LAMP Stack
Tool Up Your LAMP Stack
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
44CON 2014 - Pentesting NoSQL DB's Using NoSQL Exploitation Framework, Franci...
Jenkins vs. AWS CodePipeline (AWS User Group Berlin)
Jenkins vs. AWS CodePipeline (AWS User Group Berlin)
Java Core | JavaFX 2.0: Great User Interfaces in Java | Simon Ritter
Java Core | JavaFX 2.0: Great User Interfaces in Java | Simon Ritter
Code igniter overview
Code igniter overview
Cocoapods in action
Cocoapods in action
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
CT Software Developers Meetup: Using Docker and Vagrant Within A GitHub Pull ...
Pentesting iOS Apps - Runtime Analysis and Manipulation
Pentesting iOS Apps - Runtime Analysis and Manipulation
Kürzlich hochgeladen
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
nuriaiuzzolino1
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
galaxypingy
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
rahman018755
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
ayvbos
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
meghakumariji156
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
Matthew Sinclair
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
AanSulistiyo
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
HenryBriggs2
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
meghakumariji156
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
Matthew Sinclair
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
krishnachandrapal52
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
Matthew Sinclair
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
growthgrids
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
Kürzlich hochgeladen
(20)
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
Exploit techniques and mitigation
1.
Techniques & Mi-ga-on Yaniv Shani
2.
What is Exploit? A piece of so=ware that leverage an applica-on vulnerability to cause unintended applica-on behavior
3.
Exploits Techniques • Stack overflow • SEH frame overwrite •
Heap overflow • Ret2LibC • Return Oriented Programing • JIT Spraying • Bypass the Sandbox Model
4.
Stack overflow Overwrite the the return address on the stack with a pointer to some malicious shell code
5.
SEH Frame overwrite Override the SEH records to jump to the shellcode
6.
Heap overflow • Overwrite the allocated buffer internal linked list pointers. • Use the resul=ng pointer exchange to overwrite program counter.
7.
• Change the return address on the stack to a known func=on in a shared library • Doesn’t include shellcode Ret2LibC
8.
Return Oriented Programing • Form Gadgets by combine various instruc-ons. • Gadget perform high-level ac-on •
i.e VirtualAlloc(), SetProcessDEPPolicy()
9.
JIT Spraying • Make use of the fact that JIT compiler generated executable code at run=me • Spraying NOP slides, XOR and shellcode into memory
10.
Bypass the Sandbox Model • Bypass the security mechanism • Enable untrusted applica-on an access to underlying system resources.
11.
Mi-ga-on techniques • Stack Protec-on • SafeSEH •
Heap Protec-on • DEP • ASLR
12.
Stack Protec-on • Add Canary before stack return pointer • Check Canary & terminate on mismatch
13.
SafeSEH • A Link =me op=on that generate a table with all SEH that will be used by the program
14.
Heap Protec-on • Unlink check • Entry header cookie •
Pointer encoding • Randomized meta data and base address
15.
Data Execu-on Preven-on • Preven=ng applica=on from execu=ng code from non-executable memory region
16.
Address Space Layout Randomiza-on • Randomly arranging the posi=on of key data area (heap, stack, exec. , library space).
17.
Malware Protec=on Solu=on • An=-Virus: Black list of file signature. • Only effec=ve against known threads •
Whitelis=ng and Sandboxing solu=on • Hard to implement • Require consistent maintenance • Stateful applica=on control • Automated malware protec=on • Protect from zero day aZack
18.
Thank You
Jetzt herunterladen