Sciweavers

CCS
2007
ACM

Memsherlock: an automated debugger for unknown memory corruption vulnerabilities

13 years 9 months ago
Memsherlock: an automated debugger for unknown memory corruption vulnerabilities
Software vulnerabilities have been the main contributing factor to the Internet security problems such as fast spreading worms. Among these software vulnerabilities, memory corruption vulnerabilities such as buffer overflow and format string bugs have been the most common ones exploited by network-based attacks. Many security countermeasures (e.g., patching, automatic signature generation for intrusion detection systems) require vulnerability information to function correctly. However, despite many years of research, automatically identifying unknown software vulnerabilities still remains an open problem. In this paper, we present the development of a security debugging tool named MemSherlock, which can automatically identify unknown memory corruption vulnerabilities upon the detection of malicious payloads that exploit such vulnerabilities. MemSherlock provides critical information for unknown memory corruption vulnerabilities, including (1) the corruption point in the source code ...
Emre Can Sezer, Peng Ning, Chongkyung Kil, Jun Xu
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CCS
Authors Emre Can Sezer, Peng Ning, Chongkyung Kil, Jun Xu
Comments (0)