Název:  Analysis of methods of protection against security holes in software
Řešitel: Jiří Kosina
Vedoucí: Pavel Kaňkovský

The goal of the work is to prepare a detailed analysis of techniques used
to attack and exploit security vulnerabilities in software and to propose
general countermeasures against these techniques. The work should focus
on methods of protection "behind" vulnerable programs themselves, such
as automatic code transformations (either during compilation or after
it), modifications of operating system components (system libraries,
kernel) or even modifications of the hardware. The primary motivation is
to thwart attacks against vulnerabilities known exclusively to the
attacker. A part of of the work will be a sample implementation of some
of the proposed countermeasures.

Literature:
[1] PointGuard: Protecting pointers from buffer overflow,
    http://www.net-security.org/dl/articles/pointguard_usenix_security2003.pdf
[2] PaX project, http://pax.grsecurity.net/docs/index.html
[3] Phrack Magazine, http://www.phrack.org/
[4] Defeating Solar Designer's non-executable stack patch, Rafal Wojtzuk,
    http://www.securityfocus.com/archive/1/199801301709.SAA12206@galera.icm.edu.pl
[5] grsecurity project, http://grsecurity.net/papers.php