S
Steve Beattie
Researcher at Oregon Health & Science University
Publications - 7
Citations - 2696
Steve Beattie is an academic researcher from Oregon Health & Science University. The author has contributed to research in topics: Buffer overflow & Stack buffer overflow. The author has an hindex of 7, co-authored 7 publications receiving 2616 citations.
Papers
More filters
Proceedings Article
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
Crispin Cowan,Calton Pu,Dave Maier,Heather Hintony,Jonathan Walpole,Peat Bakke,Steve Beattie,Aaron Grier,Perry Wagle,Qian Zhang +9 more
TL;DR: StackGuard is described: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties, and a set of variations on the technique that trade-off between penetration resistance and performance.
Proceedings Article
Pointguard TM : protecting pointers from buffer overflow vulnerabilities
TL;DR: The PointGuard implementation is described, its overhead is shown to be low when protecting real security-sensitive applications such as OpenSSL, and it is shown that PointGuard is effective in defending against buffer overflow vulnerabilities that are not blocked by previous defenses.
Proceedings Article
FormatGuard: automatic protection from printf format string vulnerabilities
TL;DR: This paper describes the format bug problem, and FormatGuard is a small patch to glibc that provides general protection against format bugs that is effective in protecting several real programs with format vulnerabilities against live exploits.
Proceedings Article
Timing the Application of Security Patches for Optimal Uptime
TL;DR: A model is presented that will help provide a formal foundation for when the practitioner should apply security updates, providing both mathematical models of the factors affecting when to patch and collecting empirical data to give the model practical value.
Proceedings Article
SubDomain: Parsimonious Server Security
TL;DR: SubDomain is presented: an OS extension designed to provide sufficient security to prevent vulnerability rot in Internet server platforms, and yet simple enough to minimize the performance, administrative, and implementation costs.