Buffer overflows: attacks and defenses for the vulnerability of the decade

Cowan, Crispin; Wagle, Perry; Pu, Calton; Beattie, Steve; Walpole, Jonathan

doi:10.1109/fits.2003.1264935

Cited by 132 publications

(138 citation statements)

References 3 publications

Supporting

Mentioning

137

Contrasting

Unclassified

Order By: Relevance

“…Unsurprisingly, buffer overflow vulnerabilities dominate in the area of remote network penetration vulnerabilities [42]. The reality is that there are millions of lines of code invested in existing operating systems and securitysensitive applications, and the vast majority of that code is written in C. For instance, the Java Virtual Machine (JVM) is also a C program, and one of the ways to attack a JVM is to conduct buffer overflow attacks to the JVM itself [44].…”

Section: Overviewmentioning

confidence: 99%

See 1 more Smart Citation

Goal-oriented dynamic test generation

Khoo

Fong

et al. 2015

Information and Software Technology

View full text Add to dashboard Cite

Section: Overviewmentioning

confidence: 99%

“…Considerable research effort has attempted to develop static analysis tools and check security vulnerabilities in real world software applications [31], [32], [42], [80], [135]. Empirical studies have been also carried out to evaluate proposed static analysis techniques and tools [42], [80].…”

Section: Literature Reviewmentioning

confidence: 99%

Goal-oriented dynamic test generation

Khoo

Fong

et al. 2015

Information and Software Technology

View full text Add to dashboard Cite

“…The notable methods are StackGuard [6,32,33,34] and ProPolice [7]. StackGuard assumes that return addresses must not be modified after creation and hence puts a canary word adjacent to the return address.…”

Section: Canary Wordsmentioning

confidence: 99%

Survey of Protections from Buffer-Overflow Attacks

Piromsopa¹,

Enbody²

2011

View full text Add to dashboard Cite

Abstract. Buffer-overflow attacks began two decades ago and persist today. Over that time, a number of researchers have proposed many solutions. Their targets were either to prevent or to protect against buffer-overflow attacks. As defenses improved, attacks adapted and became more complicated. Given the maturity of field and the fact that some solutions now exist that can prevent most buffer-overflow attacks, it is time to examine these schemes and their critical issues. In this survey, approaches were categorized into three board categories to provide a basis for understanding bufferoverflow protection schemes.

show abstract

“…Several techniques detect buffer overflow attacks by checking the integrity of control data (i.e., return address, frame pointers, etc) [3,11]. StackGuard [6,7] and ProPolice [9] place canary values between local buffers and control data on stacks to check if the control data was corrupted due to buffer overflow. StackSheild [13] and RAD [4] copy the return address into a global return stack so that they can check the integrity of the return address in the function epilog.…”

Section: Buffer Overflow Detectionmentioning

confidence: 99%

“…Numerous approaches have been proposed to detect buffer overflow attacks. Static analysis techniques [1,2] analyze the source code of the service programs to detect memory error problems while dynamic techniques [3][4][5][6][7][8][9][10][11][12][13] check data integrity during program execution. Although these techniques effectively detect attacks, they can not protect the processes from being compromised, and thus terminating the compromised processes is necessary to prevent further error propagation.…”

Section: Introductionmentioning

confidence: 99%

A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability

Lee

Chiu

Chang

2009

Algorithms and Architectures for Parallel Processing

View full text Add to dashboard Cite

Abstract. Buffer overflow has become a major source of network security vulnerability. Traditional schemes for detecting buffer overflow attacks usually terminate the attacked service, degrading the service availability. In this paper, we propose a lightweight buffer overflow protection mechanism that allows continued network service. The proposed mechanism allows a service program to reconfigure itself to identify and protect the vulnerable functions upon buffer overflow attacks. Protecting only the vulnerable functions, instead of the whole program, keeps the runtime overhead small. Moreover, the mechanism adopts the idea of failure-oblivious computing to allow service programs to execute through memory errors caused by the attacks once the vulnerable functions have been identified, eliminating the need of restarting the service program upon further attacks to the vulnerable functions. We have applied the mechanism on five Internet servers. The experiment results show that the mechanism has little impact on the runtime performance.

show abstract

Buffer overflows: attacks and defenses for the vulnerability of the decade

Cited by 132 publications

References 3 publications

Goal-oriented dynamic test generation

Goal-oriented dynamic test generation

Survey of Protections from Buffer-Overflow Attacks

A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability

Contact Info

Product

Resources

About