HeapSentry: kernel-assisted protection against heap overflows
作者: Nick Nikiforakis , Frank Piessens , Wouter Joosen
DOI: 10.1007/978-3-642-39235-1_11
关键词:
摘要: The last twenty years have witnessed the constant reaction of security community to memory corruption attacks and evolution attacking techniques in order circumvent newly-deployed countermeasures. In this evolution, heap a process received little attention thus today, problem overflows is largely unsolved. In paper we present HeapSentry, system designed detect stop overflow through cooperation allocation library program operating system's kernel. HeapSentry places unique random canaries at end each object which are later checked by kernel, before calls allowed proceed. operates on binaries (no source code needed) has, design, no false-positives. At same time, active involvement kernel provides stronger guarantees than current state art protection mechanisms for modest performance overhead.
core.ac.uk
springer.com
securitee.org参考文章(31)
Ravishankar K. Iyer, Emre C. Sezer, Shuo Chen, Prachi Gauriar, Jun Xu, Non-control-data attacks are realistic threats usenix security symposium. pp. 12- 12 ,(2005)
Paul H. J. Kelly, Richard W. M. Jones, Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs Proceedings of the 3rd International Workshop on Automatic Debugging; 1997 (AADEBUG-97). pp. 13- 26 ,(1997)
Niels Provos, Improving host security with system call policies usenix security symposium. pp. 18- 18 ,(2003)
Chris Anley, David Litchfield, Dave Aitel, Riley Hassell, Jack Koziol, Sinan Eren, Neel Mehta, The Shellcoder's Handbook: Discovering and Exploiting Security Holes ,(2004)
Daniel C. DuVarney, Sandeep Bhatkar, R. Sekar, Address obfuscation: an efficient approach to combat a board range of memory error exploits usenix security symposium. pp. 8- 8 ,(2003)
Sandeep Bhatkar, R. Sekar, Data Space Randomization international conference on detection of intrusions and malware and vulnerability assessment. pp. 1- 22 ,(2008) , 10.1007/978-3-540-70542-0_1
Perry Wagle, Jonathan Walpole, Calton Pu, Steve Beattie, Aaron Grier, Crispin Cowan, Heather Hintony, Qian Zhang, Peat Bakke, Dave Maier, StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks usenix security symposium. pp. 5- 5 ,(1998)
Manuel Egele, Peter Wurzinger, Christopher Kruegel, Engin Kirda, Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 88- 106 ,(2009) , 10.1007/978-3-642-02918-9_6
Yves Younan, Wouter Joosen, Frank Piessens, Efficient protection against heap-based buffer overflows without resorting to magic international conference on information and communication security. ,vol. 4307, pp. 379- 398 ,(2006) , 10.1007/11935308_27
C. Collberg, S. K. Debray, J. H. Hartman, M. Rajagopalan, C. M. Linn, S. Baker, Protecting against unexpected system calls usenix security symposium. pp. 16- 16 ,(2005)