A System Call Randomization Based Method for Countering Code-Injection Attacks
نویسندگان
چکیده
منابع مشابه
Countering Code Injection Attacks: A Unified Approach
Code injection exploits a software vulnerability through which a malicious user can make an application run unauthorized code. Server applications frequently employ dynamic and domain-specific languages, which are used as vectors for the attack. We propose a generic approach that prevents the class of injection attacks involving these vectors: our scheme detects attacks by using location-specif...
متن کاملPrevention of Code-Injection Attacks by Encrypting System Call Arguments
Buffer overflow attacks are still a serious threat to the security of software systems. One of the most important classes of buffer overflow attacks is code-injection attacks, in which malicious code is injected into a memory area of vulnerable software and eventually executed. In this paper, we propose a simple and effective method for preventing code-injection attacks. The basic idea is to ad...
متن کاملCountering SQL Injection Attacks with a Database Driver
SQL injection attacks involve the construction of application input data that will result in the execution of malicious SQL statements. Many web applications today, are prone to SQL injection attacks. This paper proposes a novel methodology of preventing this kind of attacks by placing a secure database driver between the application and its underlying relational database management system. To ...
متن کاملSide channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
متن کاملCode Injection Attacks on HTML5-based Mobile Apps
HTML5-based mobile apps become more and more popular, mostly because they are much easier to be ported across different mobile platforms than native apps. HTML5-based apps are implemented using the standard web technologies, including HTML5, JavaScript and CSS; they depend on some middlewares, such as PhoneGap, to interact with the underlying OS. Knowing that JavaScript is subject to code injec...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Information Technology and Computer Science
سال: 2009
ISSN: 2074-9007,2074-9015
DOI: 10.5815/ijitcs.2009.01.01