Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2005
IEEE
2005
IEEE
e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call Policing
We present e-NeXSh, a novel security approach that utilises kernel and LIBC support for efficiently defending systems against process-subversion attacks. Such attacks exploit vulnerabilities in software to override its program control-flow and consequently invoke system calls, causing out-of-process damage. Our technique defeats such attacks by monitoring all LIBC function and system-call invocations, and validating them against process-specific information that strictly prescribes the permissible behaviour for the program (unlike general sandboxing techniques that require manually maintained, explicit policies, we use the program code itself as a guideline for an implicit policy). Any deviation from this behaviour is considered malicious, and we halt the attack, limiting its damage to within the subverted process. We implemented e-NeXSh as a set of modifications to the linux-2.4.18-3 kernel and a new user-space shared library (e-NeXSh.so). The technique is transparent, requiring ...
Real-time TrafficACSAC 2005 | Attacks Exploit Vulnerabilities | General Sandboxing Techniques | Process-subversion Attacks | Security Privacy |
| Added | 24 Jun 2010 |
| Updated | 24 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | ACSAC |
| Authors | Gaurav S. Kc, Angelos D. Keromytis |
Comments (0)
Researcher Info
|
