Memory Errors: The Past, the Present, and the Future

@inproceedings{Veen2012MemoryET,
  title={Memory Errors: The Past, the Present, and the Future},
  author={Victor van der Veen and Nitish dutt-Sharma and Lorenzo Cavallaro and Herbert Bos},
  booktitle={RAID},
  year={2012}
}
Memory error exploitations have been around for over 25 years and still rank among the top 3 most dangerous software errors. Why haven't we been able to stop them? Given the host of security measures on modern machines, are we less vulnerable than before, and can we expect to eradicate memory error problems in the near future? In this paper, we present a quarter century worth of memory errors: attacks, defenses, and statistics. A historical overview provides insights in past trends and… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-10 OF 79 CITATIONS

Hardware-Assisted Dependable Systems

VIEW 4 EXCERPTS
CITES BACKGROUND
HIGHLY INFLUENCED

Trust and Trustworthy Computing

  • Lecture Notes in Computer Science
  • 2016
VIEW 10 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Identifying memory address disclosures

VIEW 3 EXCERPTS
CITES METHODS
HIGHLY INFLUENCED

Identifying Code Injection and Reuse Payloads In Memory Error Exploits

VIEW 3 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

FILTER CITATIONS BY YEAR

2013
2019

CITATION STATISTICS

  • 6 Highly Influenced Citations

  • Averaged 12 Citations per year from 2017 through 2019

References

Publications referenced by this paper.
SHOWING 1-10 OF 143 REFERENCES

Exec Shield

I. Molnar
  • May 2003.
  • 2003
VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

The What, Why, and How of the 1988 Internet Worm

C. Schmidt, T. Darby
  • July 2001.
  • 2001
VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

The advanced return-into-lib(c) exploits

VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

Memory Corruption Attacks The (almost) Complete History

H. Meer
  • Blackhat USA, July 2010.
  • 2010
VIEW 3 EXCERPTS
HIGHLY INFLUENTIAL

Surgically Returning to Randomized lib(c)

  • 2009 Annual Computer Security Applications Conference
  • 2009
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

Does Microsoft Need Bug Bounties?

R. Lemos
  • 2011
VIEW 1 EXCERPT

Google Chrome PWNED on Windows, exploit leaps over sandbox/ASLR/DEP

VUPEN
  • May 2011.
  • 2011
VIEW 3 EXCERPTS

Legal goons threaten researcher for reporting security bug

D. Goodin
  • 2011.
  • 2011
VIEW 1 EXCERPT