HeapTherapy: An Efficient End-to-End Solution against Heap Buffer Overflows

Authors: Qiang Zeng, Mingyi Zhao, Peng Liu

DOI: 10.1109/DSN.2015.54

Keywords: Distributed computing; Heartbleed; Computer network; Computer science; Heap (data structure); Software bug; Exploit; End-to-end principle; Buffer overflow; Heap overflow; File Transfer Protocol

Abstract: For decades buffer overflows have been one of the most prevalent and dangerous software vulnerabilities. Although many techniques have been proposed to address the problem, they mostly introduce a very high overhead, while others assume the availability of a separate system to pinpoint attacks or provide detailed traces for defense generation, which is slow in itself and requires considerable extra resources. We propose an efficient solution against heap buffer overflows that integrates exploit detection and overflow prevention in a single system, named Heap Therapy. During program execution it conducts on-the-fly lightweight trace collection and initiates automated diagnosis upon detection to generate defenses in real-time. It can handle both over-write and over-read attacks, such as the recent Heartbleed attack. The system has no false positives and keeps effective under polymorphic exploits, as the generated defense captures semantic characteristics of exploits. It is compliant with mainstream hardware and operating systems, and does not rely on specific allocation algorithms. We evaluated Heap Therapy on a variety of services (database, web, ftp) and benchmarks (SPEC CPU2006); it incurs a low average overhead in terms of speed (6.2%) and memory (7.7%).
