Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2007
ACM
2007
ACM
A framework for diversifying windows native APIs to tolerate code injection attacks
We present a framework to prevent code injection attacks in MS Windows using Native APIs in the operating system. By adopting the idea of diversity, this approach is implemented in a two-tier framework. The first tier permutes the Native API dispatch ID number so that only the Native API calls from legitimate sources are executed. The second tier provides an authentication process in case an attacker guesses the first-tier permutation order. The function call stack is back-traced to verify whether the original caller's return address resides within the legitimate process. The process is terminated and an alert is generated when an attack is suspected. Experiments indicate that our approach poses no significant overhead. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security and Protection--invasive software, authentication, security kernels; D.2.0 [Software Engineering]: General--Protection mechanisms General Terms Security, Diversity Keywords Diversity, Windows N...
Real-time Traffic| Added | 12 Aug 2010 |
| Updated | 12 Aug 2010 |
| Type | Conference |
| Year | 2007 |
| Where | CCS |
| Authors | Lynette Qu Nguyen, Tufan Demir, Jeff Rowe, Francis Hsu, Karl N. Levitt |
Comments (0)
Researcher Info
|
