Preventing Overflow Attacks by Memory Randomization

13 years 10 months ago

Download www.public.asu.edu

Buffer overflow is known to be a common memory vulnerability affecting software. It is exploited to gain various kinds of privilege escalation. C and C++ are very commonly used to develop applications; due to the efficient "unmanaged" executions these languages are not safe. These attacks are highly successful as every executing copy of a shipped binary is the same. This work presents two approaches to randomizing the memory layout which does not require modifications at the developer end. Both techniques are implemented at the user-end machines and have no requirement for source code. The feasibility of the two techniques is shown by randomizing complex applications and demonstrating that the run-time penalty for the randomization schemes is very less.

Vivek Iyer, Amit Kanitkar, Partha Dasgupta, Raghun

Real-time Traffic

Buffer Overflow | Common Memory Vulnerability | ISSRE 2010 | Privilege Escalation | Software Engineering |

claim paper

Post Info
More Details (n/a)

Added	13 Feb 2011
Updated	13 Feb 2011
Type	Journal
Year	2010
Where	ISSRE
Authors	Vivek Iyer, Amit Kanitkar, Partha Dasgupta, Raghunathan Srinivasan

Comments (0)

Sciweavers

Preventing Overflow Attacks by Memory Randomization

Buffer Overflow | Common Memory Vulnerability | ISSRE 2010 | Privilege Escalation | Software Engineering |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers