On the effectiveness of NX, SSP, RenewSSP, and ASLR against stack buffer overflows

Proceedings - 2014 IEEE 13th International Symposium on Network Computing and Applications, NCA 2014

Volumn , Issue , 2014, Pages 145-152

  Gisbert, Hector Marco ^a   Ripoll, Ismael ^a  

^a UNIVERSITAT POLITÈCNICA DE VALÈNCIA   (Spain)

Author keywords

[No Author keywords available]

Indexed keywords

ENTROPY; OPEN SOURCE SOFTWARE; SECURITY OF DATA;

ADDRESS SPACE; ADDRESS SPACE LAYOUT RANDOMIZATIONS; BUFFER OVERFLOW ATTACKS; CYBER SECURITY; GNU/LINUX; PROTECTION TECHNIQUES; SENSE OF SECURITY; STACK BUFFER OVERFLOWS;

BUFFER STORAGE;

EID: 84911162009     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/NCA.2014.28     Document Type: Conference Paper

References (13)

1. C. Cowan, C. Pu, D. Maier, H. Hintongif, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang, "Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks," in Proc. of the 7th USENIX Security Symposium, Jan 1998, pp. 63-78.
2. H. Marco-Gisbert and I. Ripoll, "Preventing brute force attacks against stack canary protection on networking servers," in Network Computing and Applications (NCA), 2013 12th IEEE International Symposium on, 2013, pp. 243-250.
3. Pax Team. (2003) PaX address space layout randomization (ASLR). [Online]. Available: http://pax.grsecurity.net/docs/aslr.txt
4. L. D. Paulson, "New chips stop buffer overflow attacks," Computer, vol. 37, no. 10, pp. 28-30, 2004.
5. Mitre. (2011) CWE/SANS top 25 most dangerous software errors. [Online]. Available: http://cwe.mitre.org/top25
6. A. 'pi3' Zabrocki, "Scraps of notes on remote stack overflow exploitation," November 2010. [Online]. Available: http://www.phrack.org/issues.html?issue=67&id=13#article
7. G. F. Roglia, L. Martignoni, R. Paleari, and D. Bruschi, "Surgically returning to randomized lib(c)," in Proceedings of the 2009 Annual Computer Security Applications Conference, ser. ACSAC '09. Washington, DC, USA: IEEE Computer Society, 2009, pp. 60-69. [Online]. Available: http://dx.doi.org/10.1109/ACSAC.2009.16
8. J. Han, D. Gao, and R. H. Deng, "On the effectiveness of software diversity: A systematic study on real-world vulnerabilities," in Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, ser. DIMVA '09. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 127-146. [Online]. Available: http://dx.doi.org/10.1007/978-3-642-02918-98
9. Nergal, "The advanced return-into-lib(c) exploits: PaX case study," Phrack, no. 58, 2001.
10. R. Roemer, E. Buchanan, H. Shacham, and S. Savage, "Return-oriented programming: Systems, languages, and applications," ACM Trans. Inf. Syst. Secur., vol. 15, no. 1, pp. 2:1-2:34, Mar. 2012. [Online]. Available: http://doi.acm.org/10.1145/2133375.2133377
11. Bulba and Kil3r, "Bypassing stackguard and stackshield," Phrack, 56, 2002.
12. NIST. (2011, September) Vulnerability Summary for CVE-2010-3867. [Online]. Available: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3867
13. E. Bhatkar, D. C. Duvarney, and R. Sekar, "Address obfuscation: an efficient approach to combat a broad range of memory error exploits," in In Proceedings of the 12th USENIX Security Symposium, 2003, pp. 105-120.