Filters








858 Hits in 8.4 sec

Runtime Defense against Code Injection Attacks Using Replicated Execution

B Salamat, T Jackson, G Wagner, C Wimmer, M Franz
2011 IEEE Transactions on Dependable and Secure Computing  
Our experiments show that the multi-variant execution technique is effective in detecting and preventing code injection attacks.  ...  The number and complexity of attacks on computer systems are increasing. This growth necessitates proper defense mechanisms.  ...  Consequently, an attack launched against a multivariant environment with this configuration would be successful at compromising all variants and any system calls made in injected code would be executed  ... 
doi:10.1109/tdsc.2011.18 fatcat:okwhqckz3zfs3b33ez6selz7zy

Twenty-two years since revealing cross-site scripting attacks: a systematic mapping and a comprehensive survey [article]

Abdelhakim Hannousse and Salima Yahiouche and Mohamed Cherif Nait-Hamoud
2022 arXiv   pre-print
A comprehensive taxonomy is drawn out describing the different techniques used to prevent, detect, protect and defend against XSS attacks.  ...  The survey highlighted the limitations, discussed the potentials of existing XSS attack defense mechanisms and identified potential gaps.  ...  XSS attack detection techniques Runtime detection of attacks forms the last defense line against new and unknown attacks in the web.  ... 
arXiv:2205.08425v2 fatcat:mz2upyb3d5ekllmw66t7s4rsom

Break it, Fix it: Attack and Defense for "Add-on" Access Control Solutions in Distributed Data Analytics Platforms [article]

Fahad Shaon
2022 arXiv   pre-print
., proactive and reactive) defense to protect against those attacks. Our proactive security layer utilizes state-of-the-art program analysis to detect potentially malicious user code.  ...  Hence, they allow users to execute arbitrary code to analyze the data.  ...  Runtime checks guard against the cases when an attacker can bypass the proactive defense to use an adversarial coding capability.  ... 
arXiv:2106.13123v3 fatcat:kqvnwneen5htzmodfsdzqpwkfy

SoK: Automated Software Diversity

Per Larsen, Andrei Homescu, Stefan Brunthaler, Michael Franz
2014 2014 IEEE Symposium on Security and Privacy  
Unlike other defenses, it introduces uncertainty in the target. Precise knowledge of the target software provides the underpinning for a wide range of attacks.  ...  This makes diversity a broad rather than narrowly focused defense mechanism.  ...  Program source code is stored as non-executable data, so existing anti-code injection defenses are insufficient. JIT spraying [10] is a recent attack of this kind.  ... 
doi:10.1109/sp.2014.25 dblp:conf/sp/LarsenHBF14 fatcat:2z54gsh6cbhk3ihyaq4i6he7h4

Randomized instruction set emulation to disrupt binary code injection attacks

Elena Gabriela Barrantes, David H. Ackley, Trek S. Palmer, Darko Stefanovic, Dino Dai Zovi
2003 Proceedings of the 10th ACM conference on Computer and communication security - CCS '03  
Most current defenses against this form of attack use a 'guard all doors' strategy, trying to block the avenues by which execution can be diverted.  ...  Binary code injection into an executing program is a common form of attack.  ...  the partial support of the National Science Foundation (grants ANIR-9986555, CCR-0219587, CCR-0085792, CCR-0311686, EIA-0218262, and EIA-0238027), the Office of Naval Research (grant N00014-99-1-0417), Defense  ... 
doi:10.1145/948143.948147 fatcat:uhc3ykg3wveylodmvukhl2odm4

Randomized instruction set emulation to disrupt binary code injection attacks

Elena Gabriela Barrantes, David H. Ackley, Trek S. Palmer, Darko Stefanovic, Dino Dai Zovi
2003 Proceedings of the 10th ACM conference on Computer and communication security - CCS '03  
Most current defenses against this form of attack use a 'guard all doors' strategy, trying to block the avenues by which execution can be diverted.  ...  Binary code injection into an executing program is a common form of attack.  ...  the partial support of the National Science Foundation (grants ANIR-9986555, CCR-0219587, CCR-0085792, CCR-0311686, EIA-0218262, and EIA-0238027), the Office of Naval Research (grant N00014-99-1-0417), Defense  ... 
doi:10.1145/948109.948147 dblp:conf/ccs/BarrantesAPSZ03 fatcat:gzgwdwnlcbb3jaseeybwnvu7ua

ValueGuard: Protection of Native Applications against Data-Only Buffer Overflows [chapter]

Steven Van Acker, Nick Nikiforakis, Pieter Philippaerts, Yves Younan, Frank Piessens
2010 Lecture Notes in Computer Science  
Code injection attacks that target the control-data of an application have been prevalent amongst exploit writers for over 20 years.  ...  In this paper we present ValueGuard, a canary-based defense mechanism to protect applications against data-only buffer overflow attacks.  ...  Even if an attacker somehow manages to gain control of the execution-flow of the process, he can no longer execute code that he earlier injected.  ... 
doi:10.1007/978-3-642-17714-9_12 fatcat:z5pfh2q7ojbevoem5mtwpd5odm

A survey on server-side approaches to securing web applications

Xiaowei Li, Yuan Xue
2014 ACM Computing Surveys  
As they are increasingly used for critical services, web applications have become a popular and valuable target for security attacks.  ...  Although a large body of techniques have been developed to fortify web applications and mitigate attacks launched against web applications, there has been little effort devoted to drawing connections among  ...  Most defense techniques against input validation attacks focus on these two attacks. 3.1.1 SQL Injection.  ... 
doi:10.1145/2541315 fatcat:bjbtc55l4rf2bhbwznyhbldbge

SoK: Attacks on Industrial Control Logic and Formal Verification-Based Defenses [article]

Ruimin Sun, Alejandro Mera, Long Lu, David Choffnes
2021 arXiv   pre-print
We discovered challenges in every aspect of formal verification, rising from (1) the ever-expanding attack surface from evolved system design, (2) the real-time constraint during the program execution,  ...  Vulnerabilities in PLC programs might lead to attacks causing devastating consequences to the critical infrastructure, as shown in Stuxnet and similar attacks.  ...  We want to understand how these weaknesses have been used in different attacks, and how existing solutions defend against the attacks.  ... 
arXiv:2006.04806v3 fatcat:axupsga555gbhpe7wou5p7ggni

Randomized instruction set emulation

Elena Gabriela Barrantes, David H. Ackley, Stephanie Forrest, Darko Stefanović
2005 ACM Transactions on Privacy and Security  
Under RISE, injected code (attacks) essentially executes random code sequences.  ...  Injecting binary code into a running program is a common form of attack. Most defenses employ a "guard the doors" approach, blocking known mechanisms of code injection.  ...  Program-Level Defenses Against Code Injection.  ... 
doi:10.1145/1053283.1053286 fatcat:swetal6wszcftkrbfbmduvz3ei

Runtime countermeasures for code injection attacks against C and C++ programs

Yves Younan, Wouter Joosen, Frank Piessens
2012 ACM Computing Surveys  
Such attacks subvert the control flow of the application either to injected code or to existing code which is then executed in a different context.  ...  Code injection attacks exploit these to gain control over the execution-flow of applications. These attacks have played a key role in many major security incidents.  ...  The most used instantiation of this attack is against browsers: it uses javascript to fill the browser's memory with injected code (e.g. 1GB of memory).  ... 
doi:10.1145/2187671.2187679 fatcat:4kuj5cgppba2bgdcjd66xu4vgu

Technical Report: A Toolkit for Runtime Detection of Userspace Implants [article]

J. Aaron Pendergrass, Nathan Hull, John Clemens, Sarah Helble, Mark Thober, Kathleen McGill, Machon Gregory, Peter Loscocco
2019 arXiv   pre-print
Userspace integrity measurement may be combined with existing filesystem and kernel integrity measurement approaches to provide stronger guarantees that a platform is executing the expected software and  ...  The GOT holds the runtime addresses of global data and functions that may not be known at compile time. The PLT holds executable code used to make external function calls via the GOT.  ...  Thread Injection Given the ability to run arbitrary code in a process, it's trivial for an attacker to spawn a new thread via the clone system call.  ... 
arXiv:1904.12896v1 fatcat:ggzpahlljbg5vkejhsdti5olhe

Diversity-Based Approaches to Software Systems Security [chapter]

Abdelouahed Gherbi, Robert Charpentier
2011 Communications in Computer and Information Science  
Multi-variant code execution is a runtime monitoring technique which prevents malicious code execution [29] . This technique uses diversity to protect against malicious code injection attacks.  ...  Code injection attacks can succeed when the injected code is compatible with the execution environment.  ... 
doi:10.1007/978-3-642-27189-2_24 fatcat:vq4n3xqtqjbd5ekp7mmvnf4x3u

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits

Sandeep Bhatkar, Daniel C. DuVarney, R. Sekar
2003 USENIX Security Symposium  
It can be implemented with low runtime overheads.  ...  These aspects make it particularly effective against large-scale attacks such as Code Red, since each infection attempt requires significantly more resources, thereby slowing down the propagation rate  ...  It is useful against attacks where attack code is injected into the heap in the first step, and then a subsequent buffer overflow is used to modify the return address to point to this heap address.  ... 
dblp:conf/uss/BhatkarDS03 fatcat:pvs7npir5jcj7pwpnlzrutbklm

Architecture-based self-protecting software systems

Eric Yuan, Sam Malek, Bradley Schmerl, David Garlan, Jeff Gennari
2013 Proceedings of the 9th international ACM Sigsoft conference on Quality of software architectures - QoSA '13  
With this approach, it is possible to reason about the impact of a potential security breach on the system, assess the overall security posture of the system, and achieve defense in depth.  ...  In ABSP, detection and mitigation of security threats are informed by an architectural representation of the running system, maintained at runtime.  ...  For SQL injection risks, for instance, one can conduct static code analysis to find all occurrence of the use of SQL statement interpreters; • Use whitelist input validation to ensure all special characters  ... 
doi:10.1145/2465478.2465479 dblp:conf/qosa/YuanMSGG13 fatcat:sbhb7vucvfe5plmyygyybkr3lu
« Previous Showing results 1 — 15 out of 858 results