Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SOSP
2007
ACM
2007
ACM
Bouncer: securing software by blocking bad input
Attackers exploit software vulnerabilities to control or crash programs. Bouncer uses existing software instrumentation techniques to detect attacks and it generates filters automatically to block exploits of the target vulnerabilities. The filters are deployed automatically by instrumenting system calls to drop exploit messages. These filters introduce low overhead and they allow programs to keep running correctly under attack. Previous work computes filters using symbolic execution along the path taken by a sample exploit, but attackers can bypass these filters by generating exploits that follow a different execution path. Bouncer introduces three techniques to generalize filters so that they are harder to bypass: a new form of program slicing that uses a combination of static and dynamic analysis to remove unnecessary conditions from the filter; symbolic summaries for common library functions that characterize their behavior succinctly as a set of conditions on the input; a...
Real-time TrafficAttackers Exploit Software | Different Execution Path | Operating System | SOSP 2007 | Symbolic Execution Permission |
Related Content
| Added | 17 Mar 2010 |
| Updated | 17 Mar 2010 |
| Type | Conference |
| Year | 2007 |
| Where | SOSP |
| Authors | Manuel Costa, Miguel Castro, Lidong Zhou, Lintao Zhang, Marcus Peinado |
Comments (0)
Researcher Info
|
