đź“– Notes

Search (Ctrl+K)

SearchSearch

Recent Notes

See 1409 more sorted by tag →

Exploit programming: from buffer overflows to "weird machines" and theory of computation

created May 20, 2024updated May 26, 20242 min read

Metadata

  • Source
  • File: Exploit programming by Bratus et al (2011).pdf
  • Zotero: View Item
  • Type: Book Section
  • Title: Exploit programming: from buffer overflows to “weird machines” and theory of computation,
  • Author: Bratus, Sergey; Locasto, Michael E.; Patterson, Meredith L.; Sassaman, Len; Shubina, Anna;
  • Publisher: USENIX Association,
  • Volume: 36,
  • Year: 2011

Annotations

Annotations(5/20/2024, 11:17:59 PM)

“Exploits came to be understood and written as programs for these “weird machines” and served as constructive proofs that a computation considered impossible could actually be performed by the targeted environment .” (Bratus et al., 2011, p. 13)

“Altogether, they make up a “weird machine” inside the target on which the craftedinput program executes .” (Bratus et al., 2011, p. 15)

“What unites the printf’s handling of the format string argument and an implementation of malloc? The “weird instruction” primitives they supply to exploits .” (Bratus et al., 2011, p. 16)

“The challenge of practical security research is to reliably predict, expose, and demonstrate such fallacies for common, everyday computing systems—that is, to develop a methodology for answering or at least exploring the above fundamental questions for these systems .” (Bratus et al., 2011, p. 17)

“The article then demonstrates the attack as a program for that machine” (Bratus et al., 2011, p. 18)

“examination of exploit structure and construction shows that they are results akin to mathematical proofs” (Bratus et al., 2011, p. 18)

“This suggests that studying the target’s computational behavior on all possible inputs as a language-theoretic phenomenon is the way forward for designing trustworthy systems” (Bratus et al., 2011, p. 20)

“algorithmically checking the computational equivalence of parsers” (Bratus et al., 2011, p. 20)

Notes

Graph View

Backlinks

Cited by