Team for Research in
Ubiquitous Secure Technology

Memory Corruption Attacks, Defenses, and Evasions
Carlo Bellettini, Julian L. Rrushi

Citation
Carlo Bellettini, Julian L. Rrushi. "Memory Corruption Attacks, Defenses, and Evasions". Jatinder N. D. Gupta, Sushil K. Sharma (eds.), 12, 139-151, 1st, Information Science, 2008.

Abstract
The chapter introduces and describes representative defense mechanisms to protect from both basic and advanced exploitation of low-level coding vulnerabilities. Exploitation of low-level coding vulnerabilities has evolved from a basic stack-based buffer overflow with code injection to highly sophisticated attack techniques. In addition, pure-data attacks were demonstrated to be as efficient as control-data attacks and quite realistic. On the other hand research on assessment of the robustness of proposed mitigation techniques revealed various weaknesses in them leading to design and implementation of evasion techniques. Most of the defensive techniques protect only from a limited set of attack techniques, thus a defense employment requires multiple complementary mitigation techniques. Furthermore, there are few mitigation techniques designed to counter pure-data attacks. In response to these limitations, current research proposes better defensive mechanisms such as pointer taintedness detection and attack data burning capable of countering any kind of control-data or pure-data attack.

Electronic downloads


(No downloads are available for this publication.)
Citation formats  
  • HTML
    Carlo Bellettini, Julian L. Rrushi. <a
    href="http://www.truststc.org/pubs/468.html"
    ><i>Memory Corruption Attacks, Defenses, and
    Evasions</i></a>, Jatinder N. D. Gupta, Sushil
    K. Sharma (eds.), 12, 139-151, 1st, Information Science,
    2008.
  • Plain text
    Carlo Bellettini, Julian L. Rrushi. "Memory Corruption
    Attacks, Defenses, and Evasions". Jatinder N. D. Gupta,
    Sushil K. Sharma (eds.), 12, 139-151, 1st, Information
    Science, 2008.
  • BibTeX
    @inbook{BellettiniRrushi08_MemoryCorruptionAttacksDefensesEvasions,
        author = {Carlo Bellettini and Julian L. Rrushi},
        editor = {Jatinder N. D. Gupta, Sushil K. Sharma},
        title = {Memory Corruption Attacks, Defenses, and Evasions},
        chapter = {12},
        pages = {139-151},
        edition = {1st},
        publisher = {Information Science},
        year = {2008},
        abstract = {The chapter introduces and describes
                  representative defense mechanisms to protect from
                  both basic and advanced exploitation of low-level
                  coding vulnerabilities. Exploitation of low-level
                  coding vulnerabilities has evolved from a basic
                  stack-based buffer overflow with code injection to
                  highly sophisticated attack techniques. In
                  addition, pure-data attacks were demonstrated to
                  be as efficient as control-data attacks and quite
                  realistic. On the other hand research on
                  assessment of the robustness of proposed
                  mitigation techniques revealed various weaknesses
                  in them leading to design and implementation of
                  evasion techniques. Most of the defensive
                  techniques protect only from a limited set of
                  attack techniques, thus a defense employment
                  requires multiple complementary mitigation
                  techniques. Furthermore, there are few mitigation
                  techniques designed to counter pure-data attacks.
                  In response to these limitations, current research
                  proposes better defensive mechanisms such as
                  pointer taintedness detection and attack data
                  burning capable of countering any kind of
                  control-data or pure-data attack.},
        URL = {http://www.truststc.org/pubs/468.html}
    }
    

Posted by Julian L. Rrushi on 30 Aug 2008.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.