Using Greedy Hamiltonian Call Paths to Detect Stack Smashing Attacks

14 years 4 months ago

Download www.cise.ufl.edu

The ICAT statistics over the past few years have shown at least one out of every five CVE and CVE candidate vulnerabilities have been due to buffer overflows. This constitutes a significant portion of today’s computer related security concerns. In this paper we introduce a novel method for detecting stack smashing and buffer overflow attacks. Our runtime method extracts return addresses from the program call stack and uses these return addresses to extract their corresponding invoked addresses from memory. We demonstrate how these return and invoked addresses can be represented as a directed weighted graph and used in the detection of stack smashing attacks. We introduce the concept of a Greedy Hamiltonian Call Path and show how the lack of such a path can be used to detect stack-smashing attacks.

Mark Foster, Joseph N. Wilson, Shigang Chen

Real-time Traffic

Buffer Overflow | ISW 2004 | Return Addresses | Stack Smashing |

claim paper

Post Info
More Details (n/a)

Added	02 Jul 2010
Updated	02 Jul 2010
Type	Conference
Year	2004
Where	ISW
Authors	Mark Foster, Joseph N. Wilson, Shigang Chen

Comments (0)

Sciweavers

Using Greedy Hamiltonian Call Paths to Detect Stack Smashing Attacks

Buffer Overflow | ISW 2004 | Return Addresses | Stack Smashing |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers