![]() ![]() ![]() of the 17th Large Installation Systems Administrators Conf., San Diego, CA (2003) Robertson, W., Kruegel, C., Mutz, D., Valeur, F.: Run-time detection of heap-based overflows. Younan, Y., Pozza, D., Joosen, W., Piessens, F.: Extended protection against stack smashing attacks without performance loss. In: Second Workshop on Evaluating and Architecting System dependabilitY, San Jose, CA (2002) Xu, J., Kalbarczyk, Z., Patel, S., Ravishankar, K.I.: Architecture support for defending against buffer overflow attacks. Technical report, IBM Research Divison, Tokyo Research Laboratory (2000)īaratloo, A., Singh, N., Tsai, T.: Transparent run-time defense against stack smashing attacks. of the 7th USENIX Security Symp., San Antonio, TX (1998)Įtoh, H., Yoda, K.: Protecting from stack-smashing attacks. on Foundations of Software Engineering, Newport Beach, CA (2004)Ĭowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. Xu, W., DuVarney, D.C., Sekar, R.: An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs. of the 11th Network and Distributed System Security Symp., San Diego, CA (2004) Ruwase, O., Lam, M.S.: A practical dynamic buffer overflow detector. Workshop on Automatic Debugging, Linköping, Sweden (1997) Jones, R.W.M., Kelly, P.H.J.: Backwards-compatible bounds checking for arrays and pointers in C programs. on Programming Language Design and Implementation, Orlando, FL (1994) Technical Report CW386, Departement Computerwetenschappen, Katholieke Universiteit Leuven (2004)Īustin, T.M., Breach, S.E., Sohi, G.S.: Efficient detection of all pointer and array access errors. Younan, Y., Joosen, W., Piessens, F.: Code injection in C and C++: A survey of vulnerabilities and countermeasures. ![]() This process is experimental and the keywords may be updated as the learning algorithm improves.Īleph One: Smashing the stack for fun and profit. These keywords were added by machine and not by the authors. Benchmarks show that this implementation has a negligible, sometimes even beneficial, impact on performance. We implemented our approach by modifying an existing widely-used memory allocator. In this paper we present an approach that, when applied to a memory allocator, will protect against this attack vector without resorting to magic. Hence, if attackers are able to read arbitrary memory locations, they can bypass the countermeasure. A secret value is placed before a crucial memory location and by monitoring whether the value has changed, overruns can be detected. All existing countermeasures with low performance overhead rely on magic values or canaries. Overwriting the management information of the memory allocation library is often a source of attack on these vulnerabilities. Bugs in dynamic memory management, including for instance heap-based buffer overflows and dangling pointers, are an important source of vulnerabilities in C and C++. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |