• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 1
  • 1
  • 1
  • Tagged with
  • 3
  • 3
  • 2
  • 2
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Taking Back Control: Closing the Gap Between C/C++ and Machine Semantics

Nathan H. Burow (5929538) 03 January 2019 (has links)
<div>Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web browser, and cause it to perform malicious actions, i.e., grant attackers a shell on</div><div>a system. Such control-flow hijacking attacks exploit a gap between high level language semantics and the machine language that they are compiled to. In particular, systems</div><div>software such as web browsers and servers are implemented in C/C++ which provide no runtime safety guarantees, leaving memory and type safety exclusively to programmers. Compilers are ideally situated to perform the required analysis and close the semantic gap between C/C++ and machine languages by adding instrumentation to enforce full or partial memory safety.</div><div><br></div><div><div>In unprotected C/C++, adversaries must be assumed to be able to control to the contents of any writeable memory location (arbitrary writes), and to read the contents of any readable memory location (arbitrary reads). Defenses against such attacks range from enforcing full memory safety to protecting only select information, normally code pointers to prevent control-flow hijacking attacks. We advance the state of the art for control-flow hijacking</div><div>defenses by improving the enforcement of full memory safety, as well as partial memory safety schemes for protecting code pointers.</div></div><div><br></div><div><div>We demonstrate a novel mechanism for enforcing full memory safety, which denies attackers both arbitrary reads and arbitrary writes at half the performance overhead of the</div><div>prior state of the art mechanism. Our mechanism relies on a novel metadata scheme for maintaining bounds information about memory objects. Further, we maintain the application</div><div>binary interface (ABI), support all C/C++ language features, and are mature enough to protect all of user space, and in particular libc.</div></div><div><br></div><div><div>Backwards control-flow transfers, i.e., returns, are a common target for attackers. In particular, return-oriented-programming (ROP) is a code-reuse attack technique built around corrupting return addresses. Shadow stacks prevent ROP attacks by providing partial memory safety for programs, namely integrity protecting the return address. We provide a full taxonomy of shadow stack designs, including two previously unexplored designs, and demonstrate that with compiler support shadow stacks can be deployed in practice. Further we examine the state of hardware support for integrity protected memory regions within a process’ address space. Control-Flow Integrity (CFI) is a popular technique for securing forward edges, e.g., indirect function calls, from being used for control-flow hijacking attacks. CFI is a form of partial memory safety that provides weak integrity for function pointers by restricting them to a statically determined set of values based on the program’s control-flow graph. We survey existing techniques, and quantify the protection they provide on a per callsite basis.</div><div>Building off this work, we propose a new security policy, Object Type Integrity, which provides full integrity protection for virtual table pointers on a per object basis for C++</div><div>polymorphic objects.</div></div>
2

Přístup k objektovým datům databáze Oracle 10g z jazyka Java / Access to Oracle 10g Object Data from Java

Novák, Michal Unknown Date (has links)
This diploma thesis deals with object extensions of Oracle database 10g system and describes access from Java environment.
3

物體輪廓診斷性對形式內促發與跨形式促發之影響 / The effect of object contour diagnosticity on within-modal and cross-modal priming

王林宇, Linyu Lennel Wang Unknown Date (has links)
每個人遇到曾經看過的物體時,辨識該物體速度會增加(或辨識的正確率增加),這個現象稱為促發(priming)效果(簡稱P-P促發),同樣地,閱讀某物體的名稱(亦即文字)後,隔幾分鐘後再看該物體的圖形,這樣也會產生一種促發量(簡稱W-P促發)。許多研究都指出W-P促發是一種內隱(implicit)記憶,亦即,個體不需要刻意想起曾經看過的物件,促發效果仍會產生,而且P-P促發量都高於W-P促發量。然而,一些研究卻發現W-P促發量等於P-P促發量,顯然地,內隱記憶理論無法對於這種反直覺現象提出合理的解釋。 根據Paivio的雙重收錄理論(dual coding theory)(Paivio, 1986, 1991),辨識具體(concrete)名詞(例如,物體的名稱)會同時觸及(access)或激發兩種知識表徵,一種是涉及左腦的口語(verbal)表徵,另一種是涉及左腦與右腦的影像(image)表徵,而許多神經語言學研究皆指出,涉及處理具體名詞的神經機制不只包含左腦,同時也包含右腦,是以,閱讀具體名詞可能會觸及或激發物體的內在表徵,如果物體輪廓相當獨特或明顯,那麼閱讀此類型物體之名稱可能會觸及或激發此類物體的完整或重要表徵,致使W-P促發量等於P-P促發量現象。因此本研究試圖操弄物體輪廓診斷性來解釋W-P促發量等於P-P促發量之現象。 實驗一與實驗二分別以「圖形唸名」以及「圖形知覺辨識作業」來檢驗「物體輪廓診斷性」對促發的影響,結果顯示,「整體診斷性不高」物體(globally non-diagnostic object,簡稱GN類物體)的P-P促發量高於W-P促發量,和先前許多研究結果一致,然而,「整體診斷性高」物體(globally diagnostic object,簡稱GD類物體)的W-P促發量等於P-P促發量,顯示「物體輪廓診斷性」會影響促發的表現,同時也顯示閱讀GD類物體名稱可以觸及或激發GD類物體的整體或必要的知識表徵。 實驗三以分視野(divided visual field)呈現方式檢驗GD類物體的W-P促發之腦側化現象。本研究發現,顯著的W-P促發只出現在右腦,顯示W-P促發主要經由右腦來處理,根據Paivio的雙重收錄理論來推論,W-P促發之本質可能主要涉及以影像為基礎的(image-based)的知識表徵。 本研究同時操弄外顯記憶以檢驗外顯記憶是否污染W-P促發而導致W-P促發量等於P-P促發量,結果顯示,不管哪一種物體,P-P情境的再認記憶表現都顯著比W-P情境好,顯示GD類物體的促發表現與外顯記憶表現之間有單一分離(single dissociation)的關係,換言之,GD類物體之W-P促發並不受外顯記憶影響或污染。此外,實驗四顯示刻意的心像策略並不涉及W-P促發,顯示閱讀GD類物體名稱觸及GD類物體概念表徵是一種自動化而且相當快速的歷程。 / Implicit memory is usually assessed by showing repetition priming effects, when better performance in accuracy or response time for stimuli that have been previously encountered in comparison with performance with new stimuli. Picture-naming priming has been examined in studies that compared priming in participants who named pictures in the study phase and named those same pictures in the test phase (P-P condition) versus participants who read words that were the names of pictures in the study phase and named pictures cor-responding to those words in the test phase (W-P condition). Many studies demonstrated W-P priming is less than P-P priming in the picture-naming task and other similar object recognition tasks. However, in sharp contrast to the above studies, some studies reported equivalent magnitudes of P-P and W-P naming priming. Theories of implicit memory cannot account for the counter-intuitive phenomenon. According to Paivio’s dual-coding theory, the processing of abstract nouns (e.g., justice) relies on verbal code representations of the left cerebral hemisphere only, whereas concrete nouns (e.g., airplane) additionally access a second image-based processing system in the right cerebral hemisphere (Paivio, 1986, 1991). Paivio’s theory is supported by many researches on neurolinguistics. If the contour of an object is very distinctive or diagnostic, there should be the possible result that reading the name of the distinctive objects could access the whole or essential representation of the object. Following the idea, I manipulated global diagnosticity of object contour to examine whether P-P priming is always larger than W-P priming. I found P-P priming was equivalent to W-P priming on “globally diagnostic” (GD) objects, but the P-P priming was still larger than W-P priming on “glob-ally non-diagnostic” (GN) objects. This phenomenon appeared on both pic-ture-naming (Experiment 1) and picture perceptual-identification (Experiment 2) tasks. Experiment 3 showed that significant W-P priming appeared only when GD objects in the test phase were presented to the right cerebral hemi-sphere (in the left visual field). Based on the Paivio’s dual coding theory (Paivio, 1986, 1991) and research on neurolinguistics, the nature of W-P priming for GD objects was inferred to be image-based processing. Better explicit (conscious) memory performance (recognition memory) in P-P condition than that in W-P condition showed that equivalent priming across P-P and W-P conditions on GD objects was dissociated from the influence of conscious recognition memory. Experiment 4 showed that the intentional strategy of generating mental imagery was not necessarily involved in the W-P priming. These results suggested that reading names of globally diagnostic objects can access, automatically and unconsciously, the representation or essential features of globally diagnostic objects, and right cerebral hemisphere might be responsible for the processing.

Page generated in 0.0634 seconds