Proceedings Article

Buffer overflows: attacks and defenses for the vulnerability of the decade

TLDR
This paper surveys the various types of buffer overflows and the defensive measures that mitigate buffer overflow vulnerabilities, including the authors' own StackGuard method, and considers which combinations of techniques can eliminate the problem of buffer overflow deficiencies while preserving the functionality and performance of existing systems.
Abstract
Buffer overflows have been the most common form of security vulnerability for the last ten years. Moreover, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would also be eliminated. In this paper, we survey the various types of buffer overflow vulnerabilities and attacks, and survey the various defensive measures that mitigate buffer overflow vulnerabilities, including our own StackGuard method. We then consider which combinations of techniques can eliminate the problem of buffer overflow vulnerabilities, while preserving the functionality and performance of existing systems.


Citations
Proceedings Article

Intrusion detection via static analysis

TL;DR: It is shown how static analysis may be used to automatically derive a model of application behavior and the result is a host-based intrusion detection system with three advantages: a high degree of automation, protection against a broad class of attacks based on corrupted code, and the elimination of false alarms.
Proceedings Article

SoftBound: highly compatible and complete spatial memory safety for C

TL;DR: Inspired by HardBound, a previously proposed hardware-assisted approach, SoftBound similarly records base and bound information for every pointer as disjoint metadata, which enables SoftBound to provide spatial safety without requiring changes to C source code.
Proceedings Article

Anomaly detection using call stack information

TL;DR: Experiments show that the proposed new method to do anomaly detection using call stack information can detect some attacks that cannot be detected by other approaches, while its convergence and false positive performance are comparable to or better than the other approaches.
Proceedings Article

PointGuard™: protecting pointers from buffer overflow vulnerabilities

TL;DR: The PointGuard implementation is described, its overhead is shown to be low when protecting real security-sensitive applications such as OpenSSL, and it is shown that PointGuard is effective in defending against buffer overflow vulnerabilities that are not blocked by previous defenses.
Proceedings Article

Randomized instruction set emulation to disrupt binary code injection attacks

TL;DR: RISE is a randomized instruction set emulator based on the open-source Valgrind x86-to-x86 binary translator, designed to resist binary code injection attacks.
References
Book

Compilers: Principles, Techniques, and Tools

TL;DR: This book discusses the design of a Code Generator, the role of the Lexical Analyzer, and other topics related to code generation and optimization.
Proceedings Article

StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks

TL;DR: StackGuard is described: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties, and a set of variations on the technique that trade off between penetration resistance and performance.
Proceedings Article

A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities.

TL;DR: The design and prototype of a new technique for finding potential buffer overrun vulnerabilities in security-critical C code are implemented and used to find new remotely-exploitable vulnerabilities in a large, widely deployed software package.
Journal Article

The internet worm program: an analysis

TL;DR: The paper contains a review of the security flaws exploited by the worm program, and gives some recommendations on how to eliminate or mitigate their future use.