Return Address Randomization Scheme for Annuling Data-Injection Buffer Overflow Attacks

Deok Jin Kim, Tae Hyung Kim, Jong Kim and Sung Je Hong

View Related Documents

Book Chapter
Yataglass: Network-Level Code Emulation for Analyzing Memory-Scanning Attacks
Makoto Shimamura and Kenji Kono
Lecture Notes in Computer Science, 2009, Volume 5587, Detection of Intrusions and Malware, and Vulnerability Assessment, Pages 68-87
- Download PDF (345.2 KB)
Book Chapter
Stack-Based Buffer Overflows in Harvard Class Embedded Systems
Kristopher Watts and Paul Oman
IFIP Advances in Information and Communication Technology, 2009, Volume 311, Critical Infrastructure Protection III, Pages 185-197
- Download PDF (186.1 KB)
Book Chapter
A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability
Tz-Rung Lee, Kwo-Cheng Chiu and Da-Wei Chang
Lecture Notes in Computer Science, 2009, Volume 5574, Algorithms and Architectures for Parallel Processing, Pages 661-672
- Download PDF (283.1 KB)
Book Chapter
Hardware Stack Design: Towards an Effective Defence Against Frame Pointer Overwrite Attacks
Yongsu Park, Younho Lee, Heeyoul Kim, Gil-Joo Lee and Il-Hee Kim
Lecture Notes in Computer Science, 2006, Volume 4266, Advances in Information and Computer Security, Pages 268-277
- Download PDF (343.0 KB)
Book Chapter
Buffer Overflows
2007, Foundations of Security, Part 2, Pages 93-105
- Download PDF (165.9 KB)
Book Chapter
Enlisting Hardware Architecture to Thwart Malicious Code Injection
Ruby B. Lee, David K. Karig, John P. McGregor and Zhijie Shi
Lecture Notes in Computer Science, 2004, Volume 2802, Security in Pervasive Computing, Pages 237-252
- Download PDF (217.4 KB)
Journal Article
Execution transactions for defending against software failures: use and evaluation
Stelios Sidiroglou and Angelos D. Keromytis
International Journal of Information Security, 2006, Volume 5, Number 2, Pages 77-91
- Download PDF (456.5 KB)
Journal Article
Dynamic emulation based modeling and detection of polymorphic shellcode at the network level
LanJia Wang, HaiXin Duan and Xing Li
Science in China Series F: Information Sciences, 2008, Volume 51, Number 11, Pages 1883-1897
- Download PDF (677.7 KB)
Book Chapter
Design of a Reliable Hardware Stack to Defend Against Frame Pointer Overwrite Attacks
Yongsu Park, Yong Ho Song and Eul Gyu Im
Lecture Notes in Computer Science, 2006, Volume 3975, Intelligence and Security Informatics, Pages 731-732
- Download PDF (179.6 KB)
Book Chapter
Detection and Diagnosis of Control Interception
Chang-Hsien Tsai and Shih-Kun Huang
Lecture Notes in Computer Science, 2007, Volume 4861, Information and Communications Security, Pages 412-426
- Download PDF (334.7 KB)

Abstract

Buffer overflow(BOF) has been the most common form of vulnerability in software systems today, and many methods exist to defend software systems against BOF attacks. Among them, the instruction set randomization scheme, which makes attacker not to know the specific instruction set of the target machine, is the most promising defense scheme because it defends all typical code-injection BOF attacks. However, this defense scheme can not cover data-injection BOF attacks like return-into-libc attacks. In order to defend against the data-injection BOF attacks as well as the code-injection BOF attacks, we propose an enhanced defense scheme randomizing not only the instruction sets but also the return addresses. Implementation results show that the proposed scheme can defend software systems against data-injection BOF attacks as well as code-injection BOF attacks without significant extra overheads.

Keywords Security - Buffer Overflow - Randomization - Instruction Set - Return Address - return-into-libc Attack - Data Injection Buffer Overflow Attack

This research was supported by the MIC(Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institue of Information Technology Assessment)(IITA-2005-C1090-0501-0018).

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Return Address Randomization Scheme for Annuling Data-Injection Buffer Overflow Attacks

View Related Documents

Abstract

Fulltext Preview