
Integrating Offline Analysis and Online Protection to Defeat Buffer Overflow Attacks

  • Conference paper
Information Security (ISC 2010)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6531)


Abstract

Nowadays, buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from the following limitations: 1) some methods based on compiler extensions have limited practicality because they need access to source code; 2) other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) almost all methods are unable to deploy runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.

This work was supported by AFOSR FA9550-07-1-0527 (MURI), ARO W911NF-09-1-0525 (MURI), NSF CNS-0905131, and AFRL FA8750-08-C-0137.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tian, D., Xiong, X., Hu, C., Liu, P. (2011). Integrating Offline Analysis and Online Protection to Defeat Buffer Overflow Attacks. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds) Information Security. ISC 2010. Lecture Notes in Computer Science, vol 6531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-18178-8_34


  • DOI: https://doi.org/10.1007/978-3-642-18178-8_34

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-18177-1

  • Online ISBN: 978-3-642-18178-8

  • eBook Packages: Computer Science, Computer Science (R0)
