Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution

Instruction-Set Randomization (ISR) obfuscates the "Language" understood by a system to protect against code-injection attacks by presenting an ever-changing target. ISR was originally motivated by code injection through buffer overflow vulnerabilities. However, Stuxnet demonstrated that attackers can exploit other vectors to place malicious binaries into a victim's filesystem and successfully launch them, bypassing most mechanisms proposed to counter buffer overflow holistic adoption of ISR across the software stack, preventing the execution of unauthorized binaries and scripts regardless of their origin.

Provided by: Columbia University Topic: Security Date Added: Nov 2010 Format: PDF

Find By Topic