Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ESORICS
2004
Springer
2004
Springer
ARCHERR: Runtime Environment Driven Program Safety
Parameters of a program’s runtime environment such as the machine architecture and operating system largely determine whether a vulnerability can be exploited. For example, the machine word size is an important factor in an integer overflow attack and likewise the memory layout of a process in a buffer or heap overflow attack. In this paper, we present an analysis of the effects of a runtime environment on a language’s data types. Based on this analysis, we have developed Archerr, an automated one-pass source-to-source transformer that derives appropriate architecture dependent runtime safety error checks and inserts them in C source programs. Our approach achieves comprehensive vulnerability coverage against a wide array of program-level exploits including integer overflows/underflows. We demonstrate the efficacy of our technique on versions of C programs with known vulnerabilities such as Sendmail. We have benchmarked our technique and the results show that it is in general...
Real-time TrafficESORICS 2004 | Overflow Attack | Program’s Runtime Environment | Runtime Environment | Security Privacy |
Related Content
| Added | 01 Jul 2010 |
| Updated | 01 Jul 2010 |
| Type | Conference |
| Year | 2004 |
| Where | ESORICS |
| Authors | Ramkumar Chinchani, Anusha Iyer, Bharat Jayaraman, Shambhu J. Upadhyaya |
Comments (0)
Researcher Info
|
