[1] E. Grevstad, "CPU-based security: The NX bit,"Disponvel Line Em Julho De, 2004.
[2] P. Team, PaX address space layout randomization (ASLR). 2003.
[3] H. Etoh and K. Yoda, GCC extension for protecting applications from stack-smashing attacks. 2000.
[4] M. Tran, M. Etheridge, T. Bletsch, X. Jiang, V. Freeh, and P. Ning, \On the expressiveness of return-into-libc attacks," in Recent Advances in Intrusion Detection, 2011, pp. 121141.
[5] H. Shacham, \The Geometry of Innocent Flesh on the Bone: Return-into-libc Without Function Calls (on the x86)," in Proceedings of the 14th ACM Conference on Computer and Communications Security, New York, NY, USA, 2007, pp. 552561.
[6] L. Davi, A.-R. Sadeghi, and M. Winandy, \ROPdefender: A detection tool to defend against return-oriented programming attacks," in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011, pp. 4051.
[7] I. Fratric, Runtime Prevention of Return-Oriented Programming Attacks. June, 2012.
[8] S. Checkoway, L. Davi, A. Dmitrienko, A.-R. Sadeghi, H. Shacham, and M. Winandy, \Return-oriented Programming Without Returns," in Proceedings of the 17th ACM Conference on Computer and Communications Security, New York, NY, USA, 2010, pp. 559572.
[9] T. Bletsch, X. Jiang, V. W. Freeh, and Z. Liang, \Jump-oriented Programming: A New Class of Code-reuse Attack," in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, New York, NY, USA, 2011, pp. 3040.
[10] K. Z. Snow, F. Monrose, L. Davi, A. Dmitrienko, C. Liebchen, and A.-R. Sadeghi, \Just-in-time code reuse: On the effectiveness of fine-grained address space layout randomization," in Security and Privacy (SP), 2013 IEEE Symposium on, 2013, pp. 574588.
[11] R. Strackx, Y. Younan, P. Philippaerts, F. Piessens, S. Lachmund, and T.Walter, \Breaking the memory secrecy assumption," in Proceedings of the Second European Workshop on System Security, 2009, pp. 18.
[12] F. J. Serna, CVE-2012-0769, the case of the perfect info leak. 2009.
[13] E. Gkta, E. Athanasopoulos, M. Polychronakis, H. Bos, and G. Portokalidis, "Size does matter: Why using gadget-chain length to prevent code-reuse attacks is hard," in Proceedings of the 23rd USENIX conference on Security Symposium, 2014, pp. 417432.
[14] A.-A. Sadeghi, F. Aminmansour, and H. Shahriari, "Tiny Jump-oriented Programming Attack (A Class of Code Reuse Attacks)," in 12th International ISC Conference on Information Security and Cryptology (ISCISC), Guilan, Iran, 2015.
[15] ZadYree, "HT Editor 2.0.20 Buffer Overflow (ROP PoC)," 13-Nov-2012. [Online]. Available: http://www.exploit-db.com/exploits/22683/.
[16] A. Bacchelli, "Mining challenge 2013: Stack overflow," in The 10th Working Conference on Mining Software Repositories, 2013.
[17] G. Novark and E. D. Berger, "DieHarder: securing the heap," in Proceedings of the 17th ACM conference on Computer and communications security, 2010, pp. 573584.
[18] W. Dietz, P. Li, J. Regehr, and V. Adve, "Understanding integer overflow in C/C++," in Proceedings of the 34th International Conference on Software Engineering, 2012, pp. 760770.
[19] S. M. Pike, B. W.Weide, and J. E. Hollingsworth, "Checkmate: cornering C++ dynamic memory errors with checked pointers," in ACM SIGCSE Bulletin, 2000, vol. 32, pp. 352356.
[20] B. Martin, M. Brown, A. Paller, D. Kirby, and S. Christey, "2011 CWE/SANS top 25 most dangerous software errors," Common Weakness Enumer., vol. 7515, 2011.
[21] A. Francillon and C. Castelluccia, "Code injection attacks on harvard-architecture devices," in Proceedings of the 15th ACM conference on Computer and communications security, 2008, pp. 1526.
[22] S. Andersen and V. Abella, Data Execution Prevention. Changes to Functionality in Microsoft Windows XP Service Pack 2, Part 3: Memory Protection Technologies. 2004.
[23] L. Le, "Payload already inside: datafire-use for ROP exploits," Black Hat USA, 2010.
[24] P. Chen, H. Xiao, X. Shen, X. Yin, B. Mao, and L. Xie, "DROP: Detecting return-oriented programming malicious code," in Information Systems Security, Springer, 2009, pp. 163177.
[25] M. Polychronakis and A. D. Keromytis, "ROP payload detection using speculative code execution," in Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on, 2011, pp. 5865.
[26] C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood, "Pin: building customized program analysis tools with dynamic instrumentation," ACM Sigplan Not., vol. 40, no. 6, pp. 190200, 2005.
[27] F. Yao, J. Chen, and G. Venkataramani, "JOP-alarm: Detecting jump-oriented programming-based anomalies in applications," in Computer Design (ICCD), 2013 IEEE 31st International Conference on, 2013, pp. 467470.
[28] M. Kayaalp, T. Schmitt, J. Nomani, D. Ponomarev, and N. Abu-Ghazaleh, "SCRAP: Architecture for signature-based protection from code reuse attacks," in High Performance Computer Architecture (HPCA2013), 2013 IEEE 19th International Symposium on, 2013, pp. 258269.
[29] Z. Huang, T. Zheng, Y. Shi, and A. Li, "A dynamic detection method against ROP and JOP," in Systems and Informatics (ICSAI), 2012 International Conference on, 2012, pp. 10721077.
[30] V. Pappas, M. Polychronakis, and A. D. Keromytis, "Transparent ROP Exploit Mitigation Using Indirect Branch Tracing.," in USENIX Security, 2013, pp. 447462.
[31] Y. Cheng, Z. Zhou, M. Yu, X. Ding, and R. H. Deng, "ROPecker: A generic and practical approach for defending against ROP attacks," in Symposium on Network and Distributed System Security (NDSS), 2014.
[32] A.A. Sadeghi, F. Aminmansour, and H.R. Shahriari, "Tazhi: A novel technique for hunting trampoline gadgets of jump oriented programming (A class of code reuse attacks)," in Information Security and Cryptology (ISCISC), 2014 11th International ISC Conference on, 2014, pp. 2126.
[33] F. Aminmansour and H. R. Shahriari, "Patulous Code Reuse Attack: A novel code reuse attack on ARM architecture (A proof of concept on Android OS)," in 2015 12th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC), 2015, pp. 104109.
[34] N. Carlini and D.Wagner, "Rop is still dangerous: Breaking modern defenses," in USENIX Security Symposium, 2014.
[35] H. Marco-Gisbert and I. Ripoll, On the Effectiveness of Full-ASLR on 64-bit Linux. DeepSeC, 2014.
[36] L. Davi and F. Monrose, "Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection," in 23rd USENIX Security Symposium.
[37] A. Sotirov and M. Dowd, "Bypassing browser memory protections in Windows Vista," Blackhat USA, 2008.
[38] Mike: Operating Systems Development - Errors, Exceptions, Interruptions. (2008). Mike, "Operating Systems Development - Errors, Exceptions, Interruptions," 2008.
[Online] .Available: http://www.brokenthorn.com/Resources/OSDev15.html.
[39] J. Salwan, "Shellcodes database."
[40] Zad, "87289: HT Editor Filename Handling Over-flow," 2012.
[41] V. Ramachandran, "Demystifying the Execve Shellcode (Stack Method)," 2013. [Online]. Available: http://hackoftheday.securitytube.net/2013/04/demystifying-execve-shellcode-stack.html.
[42] P. Chen, X. Xing, B. Mao, L. Xie, X. Shen, and X. Yin, "Automatic construction of jump-oriented programming shellcode (on the x86)," in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011, pp. 2029.
[43] P. Chen, X. Xing, H. Han, B. Mao, and L. Xie, "Efficient detection of the return-oriented programming malicious code," in Information Systems Security, Springer, 2011, pp. 140155.
[44] Aminmansour, Farzane, and Hamid Reza Shahriari. "Aggrandizing the beast's limbs: patulous code reuse attack on ARM architecture." The ISC International Journal of Information Security 8, no. 1, 2016, pp. 39-52.