Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2005
ACM
2005
ACM
Automatic diagnosis and response to memory corruption vulnerabilities
Cyber attacks against networked computers have become relentless in recent years. The most common attack method is to exploit memory corruption vulnerabilities such as buffer overflow and format string bugs. This paper presents a technique to automatically identify both known and unknown memory corruption vulnerabilities. Based on the observation that a randomized program usually crashes upon a memory corruption attack, this technique uses the crash as a trigger to initiate an automatic diagnosis algorithm. The output of the diagnosis includes the instruction that is tricked to corrupt data, the call stack at the time of corruption, and the propagation history of corrupted data. These results provide useful information in fixing the vulnerabilities. Moreover, the diagnosis process also generates a signature of the attack using data/address values embedded in the malicious input message, and is used to block future attacks. Such a signature is further associated with the program exe...
Real-time TrafficCCS 2005 | Memory Corruption | Memory Corruption Attack | Memory Corruption Vulnerabilities | Security Privacy |
| Added | 26 Jun 2010 |
| Updated | 26 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | CCS |
| Authors | Jun Xu, Peng Ning, Chongkyung Kil, Yan Zhai, Christopher Bookholt |
Comments (0)
Researcher Info
|
