Internet and the proliferation of opensource programs that have given source code informations to exploit vulnerabilities of applications, made buffer overflow attacks more common and insidious methods to compromise software security.
Since these attacks require knowledge of the memory layout schema, the basic idea to design a countermeasure is to randomize locations of target memory areas. Address Space Layout Randomization is a method for randomizing the address space layout of a program. An analysis of benefits and drawbacks of the method is provided in order to discuss possible choices to avoid or reduce the risk of attacks.
Download full paper here
