Abstract
Nowadays Buffer overflow attacks are still recognized as one of the most severe threats in software security. Previous solutions suffer from limitations in that: 1) Some methods based on compiler extensions have limited practicality because they need to access source code; 2) Other methods that need to modify some aspects of the operating system or hardware require much deployment effort; 3) Almost all methods are unable to deploy a runtime protection for programs that cannot afford to restart. In this paper, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. The experiments show that our system can defend against realistic buffer overflow attacks effectively with moderate performance overhead.
This work was supported by AFOSR FA9550-07-1-0527 (MURI), ARO W911NF-09-1-0525 (MURI), NSF CNS-0905131, and AFRL FA8750-08-C-0137.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
NIST. National Vulnerability Database (2009), http://nvd.nist.gov/
Wang, X., Pan, C.-C., Liu, P., Zhu, S.: SigFree: A Signature-Free Buffer Overflow Attack Blocker. IEEE Transactions on Dependable and Secure Computing (2010)
Barham, P., Dragovic, B., Fraser, K., Steven, H., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the Art of Virtualization. In: Proceedings of the the 19th ACM Symposium on Operating Systems Principles (SOSP) (2003)
Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proceedings of the 10th Annual Network and Distributed System Security Symposium (NDSS) (2003)
Younan, Y., Piessens, F., Joosen, W.: Protecting global and static variables from buffer overflow attacks. In: The Forth International Conference on Availability, Reliability and Security (ARES) (2009)
Wilander, J., Kamkar, M.: A comparison of publicly available tools for dynamic buffer overflow prevention. In: Proceedings of the 10th Annual Network and Distributed System Security Symposium (NDSS) (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tian, D., Xiong, X., Hu, C., Liu, P. (2011). Integrating Offline Analysis and Online Protection to Defeat Buffer Overflow Attacks. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds) Information Security. ISC 2010. Lecture Notes in Computer Science, vol 6531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-18178-8_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-18178-8_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-18177-1
Online ISBN: 978-3-642-18178-8
eBook Packages: Computer ScienceComputer Science (R0)