Integrating offline analysis and online protection to defeat buffer overflow attacks

Donghai Tian; Xi Xiong; Changzhen Hu; Peng Liu

doi:10.1007/978-3-642-18178-8_34

Integrating offline analysis and online protection to defeat buffer overflow attacks

Donghai Tian^*, Xi Xiong, Changzhen Hu, Peng Liu

^*此作品的通讯作者

Pennsylvania State University

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

1 引用（Scopus）

摘要

Nowadays Buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from limitations in that: 1) Some methods based on compiler extensions have limited practicality because they need to access source code; 2) Other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) Almost all methods are unable to deploy a runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.

源语言	英语
主期刊名	Information Security - 13th International Conference, ISC 2010, Revised Selected Papers
出版商	Springer Verlag
页	409-415
页数	7
ISBN（印刷版）	9783642181771
DOI	https://doi.org/10.1007/978-3-642-18178-8_34
出版状态	已出版 - 2011

出版系列

姓名	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
卷	6531 LNCS
ISSN（印刷版）	0302-9743
ISSN（电子版）	1611-3349

访问文件

10.1007/978-3-642-18178-8_34

其它文件与链接

链接到 Scopus 的出版物

引用此

Tian, D., Xiong, X., Hu, C., & Liu, P. (2011). Integrating offline analysis and online protection to defeat buffer overflow attacks. 在 Information Security - 13th International Conference, ISC 2010, Revised Selected Papers (页码 409-415). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 6531 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-642-18178-8_34

Tian, Donghai ; Xiong, Xi ; Hu, Changzhen 等. / Integrating offline analysis and online protection to defeat buffer overflow attacks. Information Security - 13th International Conference, ISC 2010, Revised Selected Papers. Springer Verlag, 2011. 页码 409-415 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{46ff39d90a1b4f619b513970f71aaf68,

title = "Integrating offline analysis and online protection to defeat buffer overflow attacks",

abstract = "Nowadays Buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from limitations in that: 1) Some methods based on compiler extensions have limited practicality because they need to access source code; 2) Other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) Almost all methods are unable to deploy a runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.",

author = "Donghai Tian and Xi Xiong and Changzhen Hu and Peng Liu",

year = "2011",

doi = "10.1007/978-3-642-18178-8_34",

language = "English",

isbn = "9783642181771",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "409--415",

booktitle = "Information Security - 13th International Conference, ISC 2010, Revised Selected Papers",

address = "Germany",

}

Tian, D, Xiong, X, Hu, C & Liu, P 2011, Integrating offline analysis and online protection to defeat buffer overflow attacks. 在 Information Security - 13th International Conference, ISC 2010, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 卷 6531 LNCS, Springer Verlag, 页码 409-415. https://doi.org/10.1007/978-3-642-18178-8_34

Integrating offline analysis and online protection to defeat buffer overflow attacks. / Tian, Donghai; Xiong, Xi; Hu, Changzhen 等.
Information Security - 13th International Conference, ISC 2010, Revised Selected Papers. Springer Verlag, 2011. 页码 409-415 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 6531 LNCS).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - Integrating offline analysis and online protection to defeat buffer overflow attacks

AU - Tian, Donghai

AU - Xiong, Xi

AU - Hu, Changzhen

AU - Liu, Peng

PY - 2011

Y1 - 2011

N2 - Nowadays Buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from limitations in that: 1) Some methods based on compiler extensions have limited practicality because they need to access source code; 2) Other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) Almost all methods are unable to deploy a runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.

AB - Nowadays Buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from limitations in that: 1) Some methods based on compiler extensions have limited practicality because they need to access source code; 2) Other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) Almost all methods are unable to deploy a runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.

UR - http://www.scopus.com/inward/record.url?scp=85037102553&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-18178-8_34

DO - 10.1007/978-3-642-18178-8_34

M3 - Conference contribution

AN - SCOPUS:85037102553

SN - 9783642181771

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 409

EP - 415

BT - Information Security - 13th International Conference, ISC 2010, Revised Selected Papers

PB - Springer Verlag

ER -

Tian D, Xiong X, Hu C, Liu P. Integrating offline analysis and online protection to defeat buffer overflow attacks. 在 Information Security - 13th International Conference, ISC 2010, Revised Selected Papers. Springer Verlag. 2011. 页码 409-415. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-18178-8_34

Integrating offline analysis and online protection to defeat buffer overflow attacks

摘要

出版系列

访问文件

其它文件与链接

指纹

引用此