Memory-Size-Assisted Buffer Overflow Detection
نویسندگان
چکیده
-Since the first buffer overflow problem occurred, many detection techniques have been presented. These techniques are effective in detecting most attacks, but some attacks still remain undetected. In order to be more effective, a memory-size-assisted buffer overflow detection(MBOD) is presented. The key feature of buffer overflow is that the size of the source memory is bigger than the size of the destination memory when memory copying operation occurs. By capturing memory copying operation and comparing memory size at run time, MBOD detects buffer overflow. MBOD collects the information of memory size in both dynamic way and static way. An implementation shows that the technique is feasible.
منابع مشابه
Program Slicing Based Buffer Overflow Detection
The development of the information technology has brought threats to human society when it has influenced seriously the global politics, economics and military etc. But among the security of information system, buffer overrun vulnerability is undoubtedly one of the most important and common vulnerabilities. This paper describes a new technology, named program slicing, to detect the buffer overf...
متن کاملDwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
متن کاملA Taxonomy of Buffer Overflows for Evaluating Static and Dynamic Software Testing Tools*
A taxonomy that uses twenty-two attributes to characterize Cprogram overflows was used to construct 291 small C-program test cases that can be used to diagnostically determine the basic capabilities of static and dynamic analysis buffer overflow detection tools. Attributes in the taxonomy include the buffer location (e.g. stack, heap, data region, BSS, shared memory); scope difference between b...
متن کاملType-Assisted Dynamic Buffer Overflow Detection
Programs written in C are inherently vulnerable to buffer overflow attacks. Functions are frequently passed pointers as parameters without any hint of their sizes. Since their sizes are unknown, most run time buffer overflow detection techniques instead rely on signatures of known attacks or loosely estimate the range of the referenced buffers. Although they are effective in detecting most atta...
متن کاملSecure Cache: Run-Time Detection and Prevention of Buffer Overflow Attacks
This paper shows a novel cache architecture, called SCache, to detect and prevent buffer-overflow attacks at run time. A number of malicious codes exploit buffer-overflow vulnerability to alter a return-address value and hijack the program-execution control. In order to solve the security issue, SCache generates replica cache lines on each return-address store, and compares the original value l...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JSW
دوره 9 شماره
صفحات -
تاریخ انتشار 2014