| dc.contributor.advisor | Hamed Okhravi and Nickolai Zeldovich. | en_US |
| dc.contributor.author | Casteel, Kelly (Kelly C.) | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2014-03-06T15:40:00Z | |
| dc.date.available | 2014-03-06T15:40:00Z | |
| dc.date.copyright | 2013 | en_US |
| dc.date.issued | 2013 | en_US |
| dc.identifier.uri | http://hdl.handle.net/1721.1/85409 | |
| dc.description | Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2013. | en_US |
| dc.description | Cataloged from PDF version of thesis. | en_US |
| dc.description | Includes bibliographical references (pages 85-88). | en_US |
| dc.description.abstract | In this thesis, we developed a systematic model of the code reuse attack space where facts about attacks and defenses were represented as propositional statements in boolean logic and the possibility of deploying malware was a satisfiability instance. We use the model to analyze the space in two ways: we analyze the defense configurations of a real-world system and we reason about hypothetical defense bypasses. We construct attacks based on the hypothetical defense bypasses. Next, we investigate the control flow graphs enforced by proposed control flow integrity (CFI) systems. We model the behavior of these systems using a graph search. We also develop several code reuse payloads that work within the control flow graph enforced by one proposed CFI defense. Our findings illustrate that the defenses we investigated are not effective in preventing real world attacks. | en_US |
| dc.description.statementofresponsibility | by Kelly Casteel. | en_US |
| dc.format.extent | 89 pages | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | A systematic analysis of defenses against code reuse attacks | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | M. Eng. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.identifier.oclc | 870309696 | en_US |
