Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2009
IEEE
2009
IEEE
Online Signature Generation for Windows Systems
—In this paper, we present a new, light-weight approach for generating filters for blocking buffer overflow attacks on Microsoft Windows systems. It is designed to be deployable as an “always on” component on production systems. To achieve this goal, it avoids expensive and intrusive techniques such as taint-tracking. The online nature of our system enables it to provide protection from a range of memory corruption exploits, including those involving unknown vulnerabilities, or known vulnerabilities but unknown exploits. In contrast, most previous signature generation techniques need to be run in sandboxed environments, and need working exploits to generate signatures. Moreover, our technique overcomes the “gap” problem faced by previous signature generation mechanisms, i.e., when the vulnerable memory region is corrupted between the overflow and the time an attack is detected. Another novel feature of our approach is that it is able to reason about likely lengths of vulne...
Real-time TrafficACSAC 2009 | Microsoft Windows Systems | Security Privacy | Signature Generation Mechanisms | Signature Generation Techniques |
Related Content
| Added | 18 May 2010 |
| Updated | 18 May 2010 |
| Type | Conference |
| Year | 2009 |
| Where | ACSAC |
| Authors | Lixin Li, James E. Just, R. Sekar |
Comments (0)
Researcher Info
|
