Conference item icon

Conference item

Gollum: modular and greybox exploit generation for heap overflows in interpreters

Abstract:

We present the first approach to automatic exploit generation for heap overflows in interpreters. It is also the first approach to exploit generation in any class of program that integrates a solution for automatic heap layout manipulation. At the core of the approach is a novel method for discovering exploit primitives—inputs to the target program that result in a sensitive operation, such as a function call or a memory write, utilizing attacker-injected data. To produce an exploit primitive...

Expand abstract
Publication status:
Published
Peer review status:
Peer reviewed

Actions


Access Document


Files:
Publisher copy:
10.1145/3319535.3354224

Authors


More by this author
Institution:
University of Oxford
Oxford college:
Balliol College
Role:
Author
More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Oxford college:
Balliol College
Role:
Author
ORCID:
0000-0002-2462-2782
More by this author
Institution:
University of Oxford
Division:
MPLS Division
Department:
Computer Science
Oxford college:
Magdalen College
Role:
Author
Publisher:
ACM Digital Library Publisher's website
Journal:
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security Journal website
Pages:
1689-1706
Host title:
Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security
Publication date:
2019-11-06
Acceptance date:
2019-07-31
DOI:
Source identifiers:
1039998
ISBN:
9781450367479
Keywords:
Pubs id:
pubs:1039998
UUID:
uuid:2df77994-1bcf-4ae8-85a1-5619191fe829
Local pid:
pubs:1039998
Deposit date:
2019-08-08

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP