Many countermeasures exist to protect the stack and heap from code injection attacks, however very few countermeasures exist that will specifically protect global and static variables from attack. In this paper we suggest a way of protecting global and static variables from these type of attacks, with negligible performance and memory overheads. CR Subject Classification : K6.5, D3.4, D4.2

Malware predominantly employs code injections, which allow to run code in the trusted context of another process. This enables malware, for instance, to secretly operate or to intercept critical information. It is crucial for analysts to quickly detect injected code. While there are systems to detect code injections in memory dumps, they suffer from unsatisfying detection rates or their detecti...

----------------------------------------------------------------------ABSTRACT----------------------------------------------------------False data injection attack is a serious threat to wireless sensor network. In this paper, a node legitimacy based false data filtering scheme (NLFS) is proposed. NLFS verifies not only message authentication codes (MACs) contains in reports, but also the legit...

Most memory allocators ignore security issues. Instead they focus on maximizing performance and limiting fragmentation and waste. While these are very important issues for a memory allocator, in the days of worms that use code injection attacks to cause significant economical damage, security can not be ignored. This paper evaluates a representative set of commonly used memory allocators for C ...

This paper presents a set of attacks against SCADA control systems. The attacks are grouped into 4 classes; reconnaissance, response and measurement injection, command injection and denial of service. The 4 classes are defined and each attack is described in detail. The response and measurement injection and command injection classes are subdivided into sub-classes based on attack complexity. E...

In many web communities, users are assigned a reputation based on ratings on their past contributions, and this reputation in turn influences the recommendation level of their future contributions. In this type of system, there is potentially an incentive for authors to copy highly-rated content in order to boost their reputation and influence within the system. We describe this strategy as a c...

False data injection attack and PDoS (path-based Denial of Service) attack are serious threats in wireless sensor networks. Existing schemes can effectively resist false data injection and PDoS attacks, but most of them can not find out the compromised node when the base station or sink node detect the report is invalid. In this paper, we propose a false data injection-resilient security routin...

Code-reuse attacks, such as return-oriented programming (ROP), bypass defenses against code injection by repurposing existing executable code toward a malicious end. A common feature of these attacks is the reliance on the knowledge of the layout of the executable code. We propose a fine grained randomization based approach that modifies the layout of executable code and hinders code-reuse atta...