Address Space Layout Randomization
GPTKB entity
Statements (99)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:security
|
| gptkbp:aims_to |
prevent exploitation of memory corruption vulnerabilities
|
| gptkbp:applies_to |
libraries
stack heap |
| gptkbp:can_be_combined_with |
stack canaries
address space randomization |
| gptkbp:countermeasures |
gptkb:return-oriented_programming
|
| gptkbp:developed_by |
gptkb:Microsoft
|
| gptkbp:enables |
modern operating systems
system settings |
| gptkbp:enhances |
system security
|
| gptkbp:feature |
modern compilers
|
| gptkbp:features_works_by |
randomizing the base address of executable modules
|
| https://www.w3.org/2000/01/rdf-schema#label |
Address Space Layout Randomization
|
| gptkbp:increases_difficulty_of |
buffer overflow attacks
|
| gptkbp:introduced_in |
gptkb:2003
gptkb:Windows_Vista |
| gptkbp:is_a_form_of |
data execution prevention
|
| gptkbp:is_a_method_to_enhance |
software security
|
| gptkbp:is_a_standard_feature_in |
many operating systems
|
| gptkbp:is_a_technique_that_helps_to |
secure applications
|
| gptkbp:is_adopted_by |
gptkb:financial_institutions
government agencies healthcare organizations |
| gptkbp:is_applied_in |
shared libraries
|
| gptkbp:is_configurable_in |
system settings
operating system settings |
| gptkbp:is_considered |
best practice
|
| gptkbp:is_countered_by |
gptkb:return-oriented_programming
information leaks jump-oriented programming |
| gptkbp:is_designed_to |
prevent exploitation of memory corruption vulnerabilities
|
| gptkbp:is_discussed_in |
academic papers
security conferences |
| gptkbp:is_documented_in |
security guidelines
|
| gptkbp:is_effective_against |
all types of attacks
certain types of malware |
| gptkbp:is_evaluated_by |
security audits
security researchers |
| gptkbp:is_implemented_in |
gptkb:C_programming_language
gptkb:Linux gptkb:mac_OS gptkb:Windows user space kernel space software development kits |
| gptkbp:is_often_accompanied_by |
address space randomization
|
| gptkbp:is_often_used_in |
other security measures
|
| gptkbp:is_part_of |
application security
network security cybersecurity frameworks threat modeling operating system security exploit mitigation techniques malware prevention strategies application security best practices defense in depth strategy software hardening techniques vulnerability mitigation strategies |
| gptkbp:is_related_to |
gptkb:Data_Execution_Prevention
stack canaries Control Flow Integrity |
| gptkbp:is_supported_by |
gptkb:GCC
gptkb:Linux gptkb:Foot_Clan gptkb:mac_OS |
| gptkbp:is_tested_for |
penetration testing
|
| gptkbp:is_used_in |
operating systems
web browsers mobile operating systems server applications |
| gptkbp:is_used_to_mitigate |
exploitation of vulnerabilities
|
| gptkbp:randomizes |
memory addresses
|
| gptkbp:reduces |
predictability of memory layout
|
| gptkbp:related_products |
other security measures
|
| gptkbp:requires |
compiler support
|
| gptkbp:technique |
virtual memory management
be applied to both 32-bit and 64-bit systems be used in Io T devices be used in cloud environments be used in database systems be used in desktop environments be used in embedded systems be used in enterprise applications be used in high-performance computing be used in mobile operating systems be used in network applications be used in real-time systems be used in server environments be used in web applications increase the cost of exploitation reduce the success rate of attacks reduces predictability of memory layout |
| gptkbp:used_in |
operating systems
|
| gptkbp:was_a_response_to |
increasing sophistication of attacks
|
| gptkbp:was_first_implemented_in |
gptkb:Free_BSD
|
| gptkbp:bfsParent |
gptkb:Intel_Memory_Protection_Technology
|
| gptkbp:bfsLayer |
6
|