A qualitative framework for evaluating buffer overflow protection mechanisms

Author: N. Raghu Kisore

DOI: 10.1504/IJICS.2016.079187

Keywords:

Abstract: In the last decade, a large number of buffer overflow protection mechanisms have been proposed in literature. The exponential growth of the Internet has greatly enhanced the chances of a large scale cyber attack. In the absence of a quantitative model to answer the fundamental question of security 'how secure is enough?', we propose a qualitative framework based on which we review the existing mechanisms to better understand their ability to prevent/slow down a cyber-attack. We use the framework to evaluate 24 different mechanisms and finally conclude with a report card to summarise the gaps in each of these mechanisms. We believe that this work at least would serve as a reference to the research community and practitioners in the software industry.
