The chapter introduces and describes representative defense mechanisms to protect from both basic and advanced exploitation of low-level coding vulnerabilities. Exploitation of low-level coding vulnerabilities has evolved from a basic stack-based buffer overflow with code injection to highly sophisticated attack techniques. In addition, pure-data attacks were demonstrated to be as efficient as control-data attacks and quite realistic. On the other hand research on assessment of the robustness of proposed mitigation techniques revealed various weaknesses in them leading to design and implementation of evasion techniques. Most of the defensive techniques protect only from a limited set of attack techniques, thus a defense employment requires multiple complementary mitigation techniques. Furthermore, there are few mitigation techniques designed to counter pure-data attacks. In response to these limitations, current research proposes better defensive mechanisms such as pointer taintedness detection and attack data burning capable of countering any kind of control-data or pure-data attack.

Memory corruption attacks, defenses, and evasions / C. Bellettini, J.L. Rrushi - In: Handbook of Research on Information Security and Assurance / [a cura di] J.N.D. Gupta, S. Sharma. - Hershey : Idea Group Reference, 2008 Aug. - ISBN 9781599048550. - pp. 139-151 [10.4018/978-1-59904-855-0.ch012]

Memory corruption attacks, defenses, and evasions

C. Bellettini
Primo
;
J.L. Rrushi
Ultimo
2008

Abstract

The chapter introduces and describes representative defense mechanisms to protect from both basic and advanced exploitation of low-level coding vulnerabilities. Exploitation of low-level coding vulnerabilities has evolved from a basic stack-based buffer overflow with code injection to highly sophisticated attack techniques. In addition, pure-data attacks were demonstrated to be as efficient as control-data attacks and quite realistic. On the other hand research on assessment of the robustness of proposed mitigation techniques revealed various weaknesses in them leading to design and implementation of evasion techniques. Most of the defensive techniques protect only from a limited set of attack techniques, thus a defense employment requires multiple complementary mitigation techniques. Furthermore, there are few mitigation techniques designed to counter pure-data attacks. In response to these limitations, current research proposes better defensive mechanisms such as pointer taintedness detection and attack data burning capable of countering any kind of control-data or pure-data attack.
security ; memory attacks
Settore INF/01 - Informatica
ago-2008
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/169272
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact