Address Space Layout Randomization

GPTKB entity

Statements (99)
Predicate Object
gptkbp:instance_of gptkb:security
gptkbp:aims_to prevent exploitation of memory corruption vulnerabilities
gptkbp:applies_to libraries
stack
heap
gptkbp:can_be_combined_with stack canaries
address space randomization
gptkbp:countermeasures gptkb:return-oriented_programming
gptkbp:developed_by gptkb:Microsoft
gptkbp:enables modern operating systems
system settings
gptkbp:enhances system security
gptkbp:feature modern compilers
gptkbp:features_works_by randomizing the base address of executable modules
https://www.w3.org/2000/01/rdf-schema#label Address Space Layout Randomization
gptkbp:increases_difficulty_of buffer overflow attacks
gptkbp:introduced_in gptkb:2003
gptkb:Windows_Vista
gptkbp:is_a_form_of data execution prevention
gptkbp:is_a_method_to_enhance software security
gptkbp:is_a_standard_feature_in many operating systems
gptkbp:is_a_technique_that_helps_to secure applications
gptkbp:is_adopted_by gptkb:financial_institutions
government agencies
healthcare organizations
gptkbp:is_applied_in shared libraries
gptkbp:is_configurable_in system settings
operating system settings
gptkbp:is_considered best practice
gptkbp:is_countered_by gptkb:return-oriented_programming
information leaks
jump-oriented programming
gptkbp:is_designed_to prevent exploitation of memory corruption vulnerabilities
gptkbp:is_discussed_in academic papers
security conferences
gptkbp:is_documented_in security guidelines
gptkbp:is_effective_against all types of attacks
certain types of malware
gptkbp:is_evaluated_by security audits
security researchers
gptkbp:is_implemented_in gptkb:C_programming_language
gptkb:Linux
gptkb:mac_OS
gptkb:Windows
user space
kernel space
software development kits
gptkbp:is_often_accompanied_by address space randomization
gptkbp:is_often_used_in other security measures
gptkbp:is_part_of application security
network security
cybersecurity frameworks
threat modeling
operating system security
exploit mitigation techniques
malware prevention strategies
application security best practices
defense in depth strategy
software hardening techniques
vulnerability mitigation strategies
gptkbp:is_related_to gptkb:Data_Execution_Prevention
stack canaries
Control Flow Integrity
gptkbp:is_supported_by gptkb:GCC
gptkb:Linux
gptkb:Foot_Clan
gptkb:mac_OS
gptkbp:is_tested_for penetration testing
gptkbp:is_used_in operating systems
web browsers
mobile operating systems
server applications
gptkbp:is_used_to_mitigate exploitation of vulnerabilities
gptkbp:randomizes memory addresses
gptkbp:reduces predictability of memory layout
gptkbp:related_products other security measures
gptkbp:requires compiler support
gptkbp:technique virtual memory management
be applied to both 32-bit and 64-bit systems
be used in Io T devices
be used in cloud environments
be used in database systems
be used in desktop environments
be used in embedded systems
be used in enterprise applications
be used in high-performance computing
be used in mobile operating systems
be used in network applications
be used in real-time systems
be used in server environments
be used in web applications
increase the cost of exploitation
reduce the success rate of attacks
reduces predictability of memory layout
gptkbp:used_in operating systems
gptkbp:was_a_response_to increasing sophistication of attacks
gptkbp:was_first_implemented_in gptkb:Free_BSD
gptkbp:bfsParent gptkb:Intel_Memory_Protection_Technology
gptkbp:bfsLayer 6