research-article

Runtime countermeasures for code injection attacks against C and C++ programs

Authors:

Frank PiessensAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 44, Issue 3

Article No.: 17, Pages 1 - 28

https://doi.org/10.1145/2187671.2187679

Published: 14 June 2012 Publication History

Abstract

The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit these vulnerabilities to gain control over the execution flow of applications. These attacks have played a key role in many major security incidents. Consequently, a huge body of research on countermeasures exists. We provide a comprehensive and structured survey of vulnerabilities and countermeasures that operate at runtime. These countermeasures make different trade-offs in terms of performance, effectivity, compatibility, etc., making it hard to evaluate and compare countermeasures in a given context. We define a classification and evaluation framework on the basis of which countermeasures can be assessed.

References

[1]

Abadi, M., Budiu, M., Erlingsson, U., and Ligatti, J. 2005. Control-flow integrity. In Proceedings of the 12th ACM Conference on Computer and Communications Security.

Digital Library

[2]

Akritidis, P., Cadar, C., Raiciu, C., Costa, M., and Castro, M. 2008. Preventing memory error exploits with wit. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[3]

Akritidis, P., Costa, M., Castro, M., and Hand, S. 2009. Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors. In Proceedings of the 18th USENIX Security Symposium.

Digital Library

[4]

Aleph One. 1996. Smashing the stack for fun and profit. Phrack 49.

[5]

Alexander, S. 2005. Defeating compiler-level buffer overflow protection. USENIX Mag. 30, 3.

[6]

anonymous. 2001. Once upon a free(). Phrack 57.

[7]

Arahori, Y., Gondow, K., and Maejima, H. 2009. Tcbc: Trap caching bounds checking for C. In Proceedings of the 8th IEEE International Conference on Dependable, Autonomic and Secure Computing.

Digital Library

[8]

Austin, T. M., Breach, S. E., and Sohi, G. S. 1994. Efficient detection of all pointer and array access errors. In Proceedings of the ACM Conference on Programming Language Design and Implementation.

Digital Library

[9]

Avijit, K., Gupta, P., and Gupta, D. 2006. Binary rewriting and call interception for efficient runtime protection against buffer overflows: Research articles. Softw. Pract. Exp. 36, 9.

Digital Library

[10]

Baratloo, A., Singh, N., and Tsai, T. 2000. Transparent runtime defense against stack smashing attacks. In Proceedings of the USENIX Annual Technical Conference.

Digital Library

[11]

Barrantes, E. G., Ackley, D. H., Forrest, S., Palmer, T. S., Stefanović, D., and Zovi, D. D. 2003. Randomized instruction set emulation to disrupt binary code injection attacks. In Proceedings of the 10th ACM Conference on Computer and Communications Security.

Digital Library

[12]

BBP. 2003. BSD heap smashing. BlackHat.

[13]

Berger, E. D. and Zorn, B. G. 2006. Diehard: Probabilistic memory safety for unsafe languages. In Proceedings of the ACM Conference on Programming Language Design and Implementation.

Digital Library

[14]

Bernaschi, M., Gabrielli, E., and Mancini, L. V. 2000. Operating system enhancements to prevent the misuse of system calls. In Proceedings of the 7th ACM Conference on Computer and Communications Security.

Digital Library

[15]

Bhatkar, S., DuVarney, D. C., and Sekar, R. 2003. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In Proceedings of the 12th USENIX Security Symposium.

Digital Library

[16]

Bhatkar, S. and Sekar, R. 2008. Data space randomization. In Proceedings of the 5th Conference on Detection of Intrusions and Malware & Vulnerability Assessment.

Digital Library

[17]

Bhatkar, S., Sekar, R., and DuVarney, D. C. 2005. Efficient techniques for comprehensive protection from memory error exploits. In Proceedings of the 14th USENIX Security Symposium.

Digital Library

[18]

Boehm, H. and Weiser, M. 1988. Garbage collection in an uncooperative environment. Softw. Pract. Exp. 18, 9.

Digital Library

[19]

Bray, B. 2002. Compiler security checks in depth. Microsoft Corporation Visual C++ .NET.

[20]

Bruschi, D., Cavallaro, L., and Lanzi, A. 2007a. Diversified process replicae for defeating memory error exploits. In Proceedings of the 3rd International Workshop on Information Assurance.

[21]

Bruschi, D., Cavallaro, L., and Lanzi, A. 2007b. An efficient technique for preventing mimicry and impossible paths execution attacks. In Proceedings of the 3rd International Workshop on Information Assurance.

[22]

Bulba and Kil3r. 2000. Bypassing stackguard and stackshield. Phrack 56.

[23]

Castro, M., Costa, M., and Harris, T. 2006. Securing software by enforcing data-flow integrity. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation.

Digital Library

[24]

Cavallaro, L. and Sekar, R. 2008. Anomalous taint detection. In Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection.

Digital Library

[25]

Chen, K. and Wagner, D. 2007. Large-scale analysis of format string vulnerabilities in debian linux. In Proceedings of the Workshop on Programming Languages and Analysis for Security.

Digital Library

[26]

Chen, P., Xiao, H., Shen, X., Yin, X., Mao, B., and Xie, L. 2009. Drop: Detecting return-oriented programming malicious code. In Proceedings of the 5th International Conference on Information Systems Security.

Digital Library

[27]

Chen, S., Xu, J., Nakka, N., Kalbarczyk, Z., and Iyer, R. K. 2005. Defeating memory corruption attacks via pointer taintedness detection. In Proceedings of the International Conference on Dependable Systems and Networks.

Digital Library

[28]

Chen, S., Xu, J., Sezer, E. C., Gauriar, P., and Iyer, R. K. 2005. Non-control-data attacks are realistic threats. In Proceedings of the 14th USENIX Security Symposium.

Digital Library

[29]

Chinchani, R., Iyer, A., Jayaraman, B., and Upadhyaya, S. 2004. Archerr: Runtime environment driven program safety. In Proceedings of the 9th European Symposium on Research in Computer Security.

[30]

Chiueh, T. and Hsu, F. 2001. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21st International Conference on Distributed Computing Systems.

Digital Library

[31]

Condit, J., Harren, M., Anderson, Z., Gay, D., and Necula, G. 2007. Dependent types for low-level programming. In Proceedings of the 16th European Symposium on Programming.

Digital Library

[32]

Conover, M. 1999. w00w00 on Heap Overflows. http://www.w00w00.org/articles.html.

[33]

Corliss, M., Lewis, E. C., and Roth, A. 2004. Using dise to protect return addresses from attack. In Proceedings of the Workshop on Architectural Support for Security and Anti-Virus.

[34]

Cowan, C., Barringer, M., Beattie, S., Kroah-Hartman, G., Frantzen, M., and Lokier, J. 2001. FormatGuard: Automatic protection from printf format string vulnerabilities. In Proceedings of the 10th USENIX Security Symposium.

Digital Library

[35]

Cowan, C., Beattie, S., Johansen, J., and Wagle, P. 2003. PointGuard: Protecting pointers from buffer overflow vulnerabilities. In Proceedings of the 12th USENIX Security Symposium.

Digital Library

[36]

Cowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., and Zhang, Q. 1998. StackGuard: Automatic adaptive detection and prevention of buffer overflow attacks. In Proceedings of the 7th USENIX Security Symposium.

Digital Library

[37]

Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., and Hiser, J. 2006. N-variant systems: A secretless framework for security through diversity. In Proceedings of the 15th USENIX Security Symposium.

Digital Library

[38]

Dahn, C. and Mancoridis, S. 2003. Using program transformation to secure C programs against buffer overflows. In Proceedings of the 10th Working Conference on Reverse Engineering.

Digital Library

[39]

Dalton, M., Kannan, H., and Kozyrakis, C. 2008. Real-world buffer overflow protection for userspace & kernelspace. In Proceedings of the 17th USENIX Security symposium.

Digital Library

[40]

Dhurjati, D. and Adve, V. 2006a. Backwards-compatible array bounds checking for C with very low overhead. In Proceedings of the 28th International Conference on Software Engineering.

Digital Library

[41]

Dhurjati, D. and Adve, V. 2006b. Efficiently detecting all dangling pointer uses in production servers. In Proceedings of the International Conference on Dependable Systems and Networks.

Digital Library

[42]

Dhurjati, D., Kowshik, S., and Adve, V. 2006. Safecode: Enforcing alias analysis for weakly typed languages. In Proceedings of the ACM Conference on Programming Language Design and Implementation.

Digital Library

[43]

Dhurjati, D., Kowshik, S., Adve, V., and Lattner, C. 2003. Memory safety without runtime checks or garbage collection. In Proceedings of the ACM Conference on Language, Compiler, and Tool Support for Embedded Systems.

Digital Library

[44]

Dobrovitski, I. 2003. Exploit for CVS double free() for Linux pserver. http://seclists.org/bugtraq/2003/Feb/42.

[45]

Egele, M., Wurzinger, P., Kruegel, C., and Kirda, E. 2009. Defending browsers against drive-by downloads: Mitigating heap-spraying code injection attacks. In Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment.

Digital Library

[46]

Erlingsson, U. and Schneider, F. B. 1999. SASI enforcement of security policies: A retrospective. In Proceedings of the New Security Paradigm Workshop.

Digital Library

[47]

Erlingsson, U., Younan, Y., and Piessens, F. 2010. Low-level software security by example. In Handbook of Information and Communication Security. Springer.

[48]

Etoh, H. and Yoda, K. 2000. Protecting from stack-smashing attacks. Tech. rep., IBM Research Divison, Tokyo Research Laboratory.

[49]

Evans, D. and Twyman, A. 1999. Flexible policy-directed code safety. In Proceedings of the IEEE Symposium on Security and Privacy.

[50]

Feng, H. H., Kolesnikov, O. M., Fogla, P., Lee, W., and Gong, W. 2003. Anomaly detection using call stack information. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[51]

Fetzer, C. and Xiao, Z. 2001. Detecting heap-smashing attacks through fault containment wrappers. In Proceedings of the 20th IEEE Symposium on Reliable Distributed Systems.

[52]

Forrest, S., Hofmeyr, S. A., Somayaji, A., and Longstaff, T. A. 1996. A sense of self for Unix processes. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[53]

Francillon, A. and Castelluccia, C. 2008. Code injection attacks on harvard-architecture devices. In Proceedings of the 15th ACM Conference on Computer and Communications Security.

Digital Library

[54]

Francillon, A., Perito, D., and Castelluccia, C. 2009. Defending embedded systems against control flow attacks. In Proceedings of the 1st ACM Workshop on Secure Execution of Untrusted Code.

Digital Library

[55]

Frantzen, M. and Shuey, M. 2001. StackGhost: Hardware facilitated stack protection. In Proceedings of the 10th USENIX Security Symposium.

Digital Library

[56]

Gadaleta, F., Younan, Y., Jacobs, B., Joosen, W., De Neve, E., and Beosier, N. 2009. Instruction-level countermeasures against stack-based buffer overflow attacks. In Proceedings of the 1st Workshop on Virtualization Technology for Dependable Systems.

Digital Library

[57]

Gadaleta, F., Younan, Y., and Joosen, W. 2010. Bubble: A javascript engine-level countermeasure against heap-spraying attacks. In Proceedings of the 2nd International Symposium on Engineering Secure Software and Systems.

Digital Library

[58]

Goldberg, I., Wagner, D., Thomas, R., and Brewer, E. A. 1996. A secure environment for untrusted helper applications. In Proceedings of the 6th USENIX Security Symposium.

Digital Library

[59]

Grimes, R. 2004. Preventing buffer overflows in C++. Dr Dobb's J. Softw. Tools Prof. Program. 29, 1.

[60]

Gupta, S., Pratap, P., Saran, H., and Arun-Kumar, S. 2006. Dynamic code instrumentation to detect and recover from return address corruption. In Proceedings of the International Workshop on Dynamic Systems Analysis.

Digital Library

[61]

Hastings, R. and Joyce, B. 1992. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference.

[62]

Hicks, M., Morrisett, G., Grossman, D., and Jim, T. 2004. Experience with safe manual memory-management in cyclone. In Proceedings of the 4th International Symposium on Memory Management.

Digital Library

[63]

Hiser, J. D., Coleman, C. L., Co, M., and Davidson, J. W. 2009. Meds: The memory error detection system. In Proceedings of the 1st International Symposium on Engineering Secure Software and Systems.

Digital Library

[64]

Ho, A., Fetterman, M., Clark, C., Warfield, A., and Hand, S. 2006. Practical taint-based protection using demand emulation. In Proceedings of the 1st ACM European Conference on Computer Systems.

Digital Library

[65]

Howard, M. and LeBlanc, D. 2001. Writing Secure Code. Microsoft Press.

Digital Library

[66]

Hu, W., Hiser, J., Williams, D., Filipi, A., Davidson, J. W., Evans, D., Knight, J. C., Nguyen-Tuong, A., and Rowanhill, J. 2006. Secure and practical defense against code-injection attacks using software dynamic translation. In Proceedings of the 2nd International Conference on Virtual Execution Environments.

Digital Library

[67]

Ikebe, Y., Nakayama, T., Katagiri, M., Kawasaki, S., Abe, H., Shinagawa, T., and Kato, K. 2008. Efficient anomaly detection system for mobile handsets. In Proceedings of the 2nd International Conference on Emerging Security Information, Systems, and Technologies.

Digital Library

[68]

Intel Corporation 2001. IA-32 Intel Architecture Software Developer's Manual Volume 1: Basic Architecture. Intel Corporation. Order Nr. 245470.

[69]

ISO. 1999. ISO/IEC 9899:1999: Programming languages -- C. Tech. rep., International Organization for Standards.

[70]

Jiang, X., Wang, H. J., Xu, D., and Wang, Y. M. 2007. Randsys: Thwarting code injection attacks with system service interface randomization. In Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems.

Digital Library

[71]

Jim, T., Morrisett, G., Grossman, D., Hicks, M., Cheney, J., and Wang, Y. 2002. Cyclone: A safe dialect of C. In Proceedings of the USENIX Annual Technical Conference.

Digital Library

[72]

Jones, R. W. M. and Kelly, P. H. J. 1997. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proceedings of the 3rd International Workshop on Automatic Debugging.

[73]

Kaempf, M. 2001. Vudo—An object superstitiously believed to embody magical powers. Phrack 57.

[74]

Kc, G. S. and Keromytis, A. D. 2005. e-nexsh: Achieving an effectively non-executable stack and heap via system-call policing. In Proceedings of the 21st Annual Computer Security Applications Conference.

Digital Library

[75]

Kc, G. S., Keromytis, A. D., and Prevelakis, V. 2003. Countering code-injection attacks with instruction-set randomization. In Proceedings of the 10th ACM Conference on Computer and Communications Security.

Digital Library

[76]

Kendall, S. C. 1983. Bcc: Runtime checking for C programs. In Proceedings of the USENIX Summer Conference.

[77]

Kharbutli, M., Jiang, X., Solihin, Y., Venkataramani, G., and Prvulovic, M. 2006. Comprehensively and efficiently protecting the heap. In Proceedings of the 12th International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[78]

Kil, C., Jun, J., Bookholt, C., Xu, J., and Ning, P. 2006. Address space layout permutation (aslp): Towards fine-grained randomization of commodity software. In Proceedings of the 22nd Annual Computer Security Applications Conference.

Digital Library

[79]

Kim, D. J., Kim, T. H., Kim, J., and Hong, S. J. 2006. Return address randomization scheme for annuling data-injection buffer overflow attacks. In Proceedings of the 2nd Conference on Information Security and Cryptology.

Digital Library

[80]

Kiriansky, V., Bruening, D., and Amarasinghe, S. 2002. Secure execution via program shepherding. In Proceedings of the 11th USENIX Security Symposium.

Digital Library

[81]

Kohli, P. and Bruhadeshwar, B. 2008. Formatshield: A binary rewriting defense against format string attacks. In Proceedings of the 13th Australasian Conference on Information Security and Privacy.

Digital Library

[82]

Kowshik, S., Dhurjati, D., and Adve, V. 2002. Ensuring code safety without runtime checks for real-time control systems. In Proceedings of the International Conference on Compilers, Architecture and Synthesis for Embedded Systems.

Digital Library

[83]

Krennmair, A. 2003. ContraPolice: a libc extension for protecting applications from heap-smashing attacks. http://synflood.at/papers/cp.pdf.

[84]

Kruegel, C., Kirda, E., Mutz, D., Robertson, W., and Vigna, G. 2005. Automating mimicry attacks using static binary analysis. In Proceedings of the 14th USENIX Security Symposium.

Digital Library

[85]

Lam, L. and Chiueh, T. 2005. Checking array bound violation using segmentation hardware. In Proceedings of the International Conference on Dependable Systems and Networks.

Digital Library

[86]

Larus, J. R., Ball, T., Das, M., DeLine, R., Fähndrich, M., Pincus, J., Rajamani, S. K., and Venkatapathy, R. 2004. Righting software. IEEE Softw. 21, 3.

Digital Library

[87]

Lattner, C. and Adve, V. 2005. Automatic pool allocation: Improving performance by controlling data structure layout in the heap. In Proceedings of the ACM Conference on Programming Language Design and Implementation.

Digital Library

[88]

Lee, R. B., Karig, D. K., McGregor, J. P., and Shi, Z. 2003. Enlisting hardware architecture to thwart malicious code injection. In Proceedings of the 1st International Conference on Security in Pervasive Computing.

[89]

Lhee, K.-S. and Chapin, S. J. 2002. Type-assisted dynamic buffer overflow detection. In Proceedings of the 11th USENIX Security Symposium.

Digital Library

[90]

Li, W. and Chiueh, T. 2007. Automated format string attack prevention for win32/x86 binaries. In Proceedings of the 23rd Annual Computer Security Applications Conference.

[91]

Liang, Z., Liang, B., and Li, L. 2009. A system call randomization-based method for countering code-injection attacks. Int. J. Inform. Technol. Comp. Sci. 1, 1.

[92]

Lin, C., Rajagopalan, M., Baker, S., Collberg, C., Debray, S., and Hartman, J. 2005. Protecting against unexpected system calls. In Proceedings of the 14th USENIX Security Symposium.

Digital Library

[93]

Lin, Y.-D., Wu, F.-C., Lai, Y.-C., Huang, T.-Y., and Lin, F. 2010. Embedded tainttracker: Lightweight tracking of taint data against buffer overflow attacks. In Proceedings of the International Conference on Communications.

[94]

Lin, Z., Riley, R. D., and Xu, D. 2009. Polymorphing software by randomizing data structure layout. In Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment.

Digital Library

[95]

McCamant, S. and Morrisett, G. 2006. Evaluating SFI for a CISC architecture. In Proceedings of the 15th USENIX Security Symposium.

Digital Library

[96]

Messier, M. and Viega, J. 2003. Safe c string library v1.0.2. http://www.zork.org/safestr.

[97]

Microsoft. 2003. Buffer overrun in RPC interface could allow code execution. Microsoft Security Bulletin MS03-026.

[98]

Miller, T. C. and de Raadt, T. 1999. strlcpy and strlcat—Consistent, safe string copy and concatenation. In Proceedings of the USENIX Annual Technical Conference.

Digital Library

[99]

Nagarakatte, S., Zhao, J., Martin, M. M., and Zdancewic, S. 2009. Softbound: Highly compatible and complete spatial memory safety for C. In Proceedings of the ACM Conference on Programming Language Design and Implementation.

Digital Library

[100]

Nagarakatte, S., Zhao, J., Martin, M. M., and Zdancewic, S. 2010. Cets: Compiler Enforced Temporal Safety for C. In Proceedings of the International Symposium on Memory Management.

Digital Library

[101]

Nanda, S., Li, W., Lam, L.-C., and Chiueh, T.-c. 2006. Foreign code detection on the windows/x86 platform. In Proceedings of the 22nd Annual Computer Security Applications Conference.

Digital Library

[102]

Necula, G., McPeak, S., and Weimer, W. 2002. CCured: Type-safe retrofitting of legacy code. In Proceedings of the 29th Symposium on Principles of Programming Languages.

Digital Library

[103]

Nethercote, N. and Fitzhardinge, J. 2004. Bounds-checking entire programs without recompiling. In Proceedings of the 2nd Workshop on Semantics, Program Analysis, and Computing Environments for Memory Management.

[104]

Newsome, J. and Song, D. 2005. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proceedings of the 12th Annual Network and Distributed System Security Symposium.

[105]

Oiwa, Y., Sekiguchi, T., Sumii, E., and Yonezawa, A. 2002. Fail-safe ANSI-C compiler: An approach to making C programs secure: Progress report. In Proceedings of the International Symposium on Software Security.

Digital Library

[106]

Parampalli, C., Sekar, R., and Johnson, R. 2008. A practical mimicry attack against powerful system-call monitors. In Proceedings of the ACM Symposium on Information, Computer and Communications Security.

Digital Library

[107]

Patel, K., Parameswaran, S., and Shee, S. L. 2007. Ensuring secure program execution in multiprocessor embedded systems: A case study. In Proceedings of the 5th IEEE/ACM International Conference on Hardware/Software Codesign and System Synthesis.

Digital Library

[108]

Patil, H. and Fischer, C. N. 1997. Low-cost, concurrent checking of pointer and array accesses in C programs. Softw. Pract. Exp. 27, 1.

Digital Library

[109]

Perens, B. 1987. Electric fence. http://perens.com.

[110]

Pozza, D., Sisto, R., Durante, L., and Valenzano, A. 2006. Comparing lexical analysis tools for buffer overflow detection in network software. In Proceedings of the 1st International Conference on Communication System Software and Middleware.

[111]

Prasad, M. and Chiueh, T. 2003. A binary rewriting defense against stack-based overflow attacks. In Proceedings of the USENIX Annual Technical Conference.

[112]

Prevelakis, V. and Spinellis, D. 2001. Sandboxing applications. In Proceedings of the USENIX Annual Technical Conference.

Digital Library

[113]

Provos, N. 2003. Improving host security with system call policies. In Proceedings of the 12th USENIX Security Symposium.

Digital Library

[114]

Qin, F., Wang, C., Li, Z., Kim, H.-s., Zhou, Y., and Wu, Y. 2006. Lift: A low-overhead practical information flow tracking system for detecting security attacks. In Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

[115]

Rabek, J. C., Khazan, R. I., Lewandowski, S. M., and Cunningham, R. K. 2003. Detection of injected, dynamically generated, and obfuscated malicious code. In Proceedings of the ACM Workshop on Rapid Malcode.

Digital Library

[116]

Rajagopalan, M., Hiltunen, M., Jim, T., and Schlichting, R. 2005. Authenticated system calls. In Proceedings of the International Conference on Dependable Systems and Networks.

Digital Library

[117]

Ratanaworabhan, P., Livshits, B., and Zorn, B. 2009. Nozzle: A defense against heap-spraying code injection attacks. In Proceedings of the 18th USENIX Security Symposium.

Digital Library

[118]

Rinard, M., Cadar, C., Dumitran, D., Roy, D., Leu, T., and Beebee, W. S. 2004. Enhancing server availability and security through failure-oblivious computing. In Proceedings of the 6th Symposium on Operating Systems Design and Implementation.

Digital Library

[119]

Rinard, M., Cadar, C., Dumitran, D., Roy, D. M., and Leu, T. 2004. A dynamic technique for eliminating buffer overflow vulnerabilities (and other memory errors). In Proceedings of the 20th Annual Computer Security Applications Conference.

Digital Library

[120]

Ringenburg, M. F. and Grossman, D. 2005. Preventing format-string attacks via automatic and efficient dynamic checking. In Proceedings of the 12th ACM Conference on Computer and Communications Security.

Digital Library

[121]

rix. 2000. Smashing C++ VPTRs. Phrack 56.

[122]

Robbins, T. 2001. Libformat. http://www.securityfocus.com/tools/1818.

[123]

Robertson, W., Kruegel, C., Mutz, D., and Valeur, F. 2003. Runtime detection of heap-based overflows. In Proceedings of the 17th Large Installation Systems Administrators Conference.

Digital Library

[124]

Roglia, G. F., Martignoni, L., Paleari, R., and Bruschi, D. 2009. Surgically returning to randomized lib(c). In Proceedings of the 25th Annual Computer Security Applications Conference.

Digital Library

[125]

Ruwase, O. and Lam, M. S. 2004. A practical dynamic buffer overflow detector. In Proceedings of the 11th Annual Network and Distributed System Security Symposium.

[126]

Salamat, B., Jackson, T., Gal, A., and Franz, M. 2009. Orchestra: Intrusion detection using parallel execution and monitoring of program variants in user-space. In Proceedings of the 4th ACM European Conference on Computer Systems.

Digital Library

[127]

Saltzer, J. H. and Schroeder, M. D. 1975. The protection of information in computer systems. Proc. IEEE 63, 9.

[128]

scut. 2001. Exploiting format string vulnerabilities. http://crypto.stanford.edu/cs155/papers/formatstring-1.2.pdf.

[129]

Sekar, R., Bendre, M., Dhurjati, D., and Bollineni, P. 2001. A fast automaton-based method for detecting anomalous program behaviors. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[130]

Shacham, H. 2007. The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In Proceedings of the 14th ACM Conference on Computer and Communications Security.

Digital Library

[131]

Shacham, H., Page, M., Pfaff, B., Goh, E.-J., Modadugu, N., and Boneh, D. 2004. On the Effectiveness of Address-Space Randomization. In Proceedings of the 11th ACM Conference on Computer and Communications Security.

Digital Library

[132]

Shao, Z., Cao, J., Chan, K. C. C., Xue, C., and Sha, E. H.-M. 2006. Hardware/software optimization for array & pointer boundary checking against buffer overflow attacks. J. Parall. Distrib. Comput. 66, 9.

Digital Library

[133]

Shao, Z., Zhuge, Q., He, Y., and Sha, E. H. M. 2003. Defending embedded systems against buffer overflow via hardware/software. In Proceedings of the 19th Annual Computer Security Applications Conference.

Digital Library

[134]

Shinagawa, T. 2006. Segmentshield: Exploiting segmentation hardware for protecting against buffer overflow attacks. In Proceedings of the 25th IEEE Symposium on Reliable Distributed Systems.

Digital Library

[135]

SkyLined. 2004. Internet explorer iframe src&name parameter bof remote compromise. Microsoft Corporation.

[136]

Small, C. 1997. A tool for constructing safe extensible C++ systems. In Proceedings of the 3rd USENIX Conference on Object-Oriented Technologies.

Digital Library

[137]

Smirnov, A. and Chiueh, T. 2005. Dira: Automatic detection, identification and repair of control-hijacking attacks. In Proceedings of the Network and Distributed System Security Symposium.

[138]

Smith, N. P. 1997. Stack smashing vulnerabilities in the unix operating system. http://reality.sgi.com/nate/machines/security/stack-smashing/.

[139]

Snarskii, A. 1997. Freebsd libc stack integrity patch.

[140]

Snarskii, A. 1999. Libparanoia.

[141]

Solar Designer. 1997. Non-executable stack patch.

[142]

Solar Designer. 2000. JPEG COM marker processing vulnerability in netscape browsers. http://www. openwall.com/linux.

[143]

Sovarel, A. N., Evans, D., and Paul, N. 2005. Where's the feeb&quest; The effectiveness of instruction set randomization. In Proceedings of the 14th Conference on USENIX Security Symposium.

Digital Library

[144]

Spafford, E. H. 1989. Crisis and aftermath. Commun. ACM 32, 6.

Digital Library

[145]

Steffen, J. L. 1992. Adding runtime checking to the portable C compiler. Softw. Pract. Exp. 22, 4.

Digital Library

[146]

Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., and Walter, T. 2009. Breaking the memory secrecy assumption. In Proceedings of the 2nd European Workshop on System Security.

Digital Library

[147]

Suh, G. E., Lee, J. W., Zhang, D., and Devadas, S. 2004. Secure program execution via dynamic information flow tracking. In Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[148]

The PaX Team. 2000. Documentation for the PaX project. http://pax.grsecurity.net/docs/.

[149]

Tuck, N., Calder, B., and Varghese, G. 2004. Hardware and binary modification support for code pointer protection from buffer overflow. In Proceedings of the 37th Annual IEEE/ACM International Symposium on Microarchitecture.

Digital Library

[150]

Vendicator. 2000. Documentation for Stack Shield.

[151]

Viega, J. and McGraw, G. 2002. Building Secure Software. Addison-Wesley.

[152]

Wagner, D. and Dean, D. 2001. Intrusion detection via static analysis. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[153]

Wahbe, R., Lucco, S., Anderson, T. E., and Graham, S. L. 1993. Efficient software-based fault isolation. In Proceedings of the 14th ACM Symposium on Operating System Principles.

Digital Library

[154]

Weiss, Y. and Barrantes, E. G. 2006. Known/chosen key attacks against software instruction set randomization. In Proceedings of the 22nd Annual Computer Security Applications Conference.

Digital Library

[155]

Wilander, J. and Kamkar, M. 2002. A comparison of publicly available tools for static intrusion prevention. In Proceedings of the 7th Nordic Workshop on Secure IT Systems.

[156]

Wojtczuk, R. 1998. Defeating Solar Designer's non-executable stack patch. http://insecure.org/sploits/non-executable.stack.problems.html.

[157]

Xu, J., Kalbarczyk, Z., and Iyer, R. K. 2003. Transparent runtime randomization for security. In Proceedings of the 22nd International Symposium on Reliable Distributed Systems.

[158]

Xu, J., Kalbarczyk, Z., Patel, S., and Ravishankar, K. I. 2002. Architecture support for defending against buffer overflow attacks. In Proceedings of the 2nd Workshop on Evaluating and Architecting System Dependability.

[159]

Xu, W., Bhatkar, S., and Sekar, R. 2006. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In Proceedings of the 15th USENIX Security Symposium.

Digital Library

[160]

Xu, W., DuVarney, D. C., and Sekar, R. 2004. An efficient and backwards-compatible transformation to ensure memory safety of C programs. In Proceedings of the 12th ACM International Symposium on Foundations of Software Engineering.

Digital Library

[161]

Yong, S. H. and Horwitz, S. 2003. Protecting C programs from attacks via invalid pointer dereferences. In Proceedings of the 9th European Software Engineering Conference.

Digital Library

[162]

Younan, Y. 2003. An overview of common programming security vulnerabilities and possible solutions. M.S. dissertation, Vrije Universiteit Brussel.

[163]

Younan, Y. 2008. Efficient countermeasures for software vulnerabilities due to memory management errors. Ph.D. dissertation, Katholieke Universiteit Leuven.

[164]

Younan, Y., Joosen, W., and Piessens, F. 2006a. Efficient protection against heap-based buffer overflows without resorting to magic. In Proceedings of the 8th International Conference on Information and Communication Security.

Digital Library

[165]

Younan, Y., Joosen, W., and Piessens, F. 2006b. Extended protection against stack smashing attacks without performance loss. In Proceedings of the 22nd Annual Computer Security Applications Conference.

Digital Library

[166]

Younan, Y., Joosen, W., Piessens, F., and Van den Eynden, H. 2010a. Improving memory management security for C and C++. Int. J. Secure Softw. Eng. 2, 1.

Digital Library

[167]

Younan, Y., Philippaerts, P., Cavallaro, L., Sekar, R., Piessens, F., and Joosen, W. 2010b. PAriCheck: An efficient pointer arithmetic checker for C programs. In Proceedings of the ACM Symposium on Information, Computer and Communications Security.

Digital Library

[168]

Younan, Y., Philippaerts, P., Piessens, F., Joosen, W., Lachmund, S., and Walter, T. 2009. Filter-resistant code injection on ARM. In Proceedings of the 16th ACM Conference on Computer and Communications Security.

Digital Library

[169]

Zhu, G. and Tyagi, A. 2004. Protection against indirect overflow attacks on pointers. In Proceedings of the 2nd IEEE International Information Assurance Workshop.

Digital Library

[170]

Zuquete, A. 2004. Stackfences: A runtime approach for detecting stack overflows. In Proceedings of the 1st International Conference on E-Business and Telecommunication Networks.

Cited By

Stavrakakis DPanfil ANam MBhatotia P(2024)SPP: Safe Persistent Pointers for Memory Safety2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00019(37-52)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00019
Felici RPozzi LFuria C(2024)HyperPUT: generating synthetic faulty programs to challenge bug-finding toolsEmpirical Software Engineering10.1007/s10664-023-10430-829:2Online publication date: 15-Jan-2024
https://dl.acm.org/doi/10.1007/s10664-023-10430-8
Zhang QZhou CXu YYin ZWang MSu ZSun CJiang YSun J(2023)Building Dynamic System Call Sandbox with Partial Order AnalysisProceedings of the ACM on Programming Languages10.1145/36228427:OOPSLA2(1253-1280)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622842
Show More Cited By

Index Terms

Runtime countermeasures for code injection attacks against C and C++ programs
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages

Recommendations

Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Due to the portability advantage, HTML5-based mobile apps are getting more and more popular.Unfortunately, the web technology used by HTML5-based mobile apps has a dangerous feature, which allows data and code to be mixed together, making code injection ...
A Methodology for Designing Countermeasures against Current and Future Code Injection Attacks
IWIA '05: Proceedings of the Third IEEE International Workshop on Information Assurance

This paper proposes a methodology to develop counter-measures against code injection attacks, and validates the methodology by working out a specific counter-measure. This methodology is based on modeling the execution environment of a program. Such a ...
Countermeasures for timing-based side-channel attacks against shared, modern computing hardware

There are several vulnerabilities in computing systems hardware that can be exploited by attackers to carry out devastating microarchitectural timing-based side-channel attacks against these systems and as a result compromise the security of the users of ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 44, Issue 3

June 2012

344 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/2187671

Issue’s Table of Contents

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2012

Accepted: 01 October 2010

Revised: 01 December 2007

Received: 01 October 2006

Published in CSUR Volume 44, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

43
Total Citations
View Citations
2,076
Total Downloads

Downloads (Last 12 months)43
Downloads (Last 6 weeks)4

Reflects downloads up to 24 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Stavrakakis DPanfil ANam MBhatotia P(2024)SPP: Safe Persistent Pointers for Memory Safety2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58291.2024.00019(37-52)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN58291.2024.00019
Felici RPozzi LFuria C(2024)HyperPUT: generating synthetic faulty programs to challenge bug-finding toolsEmpirical Software Engineering10.1007/s10664-023-10430-829:2Online publication date: 15-Jan-2024
https://dl.acm.org/doi/10.1007/s10664-023-10430-8
Zhang QZhou CXu YYin ZWang MSu ZSun CJiang YSun J(2023)Building Dynamic System Call Sandbox with Partial Order AnalysisProceedings of the ACM on Programming Languages10.1145/36228427:OOPSLA2(1253-1280)Online publication date: 16-Oct-2023
https://dl.acm.org/doi/10.1145/3622842
Rajagopalan VKleftogiorgos KGöktas EXu JPortokalidis GMeng WJensen CCremers CKirda E(2023)SysPart: Automated Temporal System Call Filtering for BinariesProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623207(1979-1993)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623207
Gaidis AAtlidakis VKemerlis VMeng WJensen CCremers CKirda E(2023)SysXCHG: Refining Privilege with Adaptive System Call FiltersProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623137(1964-1978)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623137
Harzevili NShin JWang JWang SNagappan N(2023)Automatic Static Vulnerability Detection for Machine Learning Libraries: Are We There Yet?2023 IEEE 34th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE59848.2023.00042(795-806)Online publication date: 9-Oct-2023
https://doi.org/10.1109/ISSRE59848.2023.00042
Bozdoğan KStavrakakis DIssa SBhatotia PBromberg YKermarrec AKozyrakis C(2022)SafePMProceedings of the Seventeenth European Conference on Computer Systems10.1145/3492321.3519574(506-524)Online publication date: 28-Mar-2022
https://dl.acm.org/doi/10.1145/3492321.3519574
Sharma CMiller NAmariucai GAlexander PDavidson DChoi B(2020)Neutralizing manipulation of critical data by enforcing data-instruction dependencyProceedings of the 7th Symposium on Hot Topics in the Science of Security10.1145/3384217.3385620(1-11)Online publication date: 21-Sep-2020
https://dl.acm.org/doi/10.1145/3384217.3385620
Mitropoulos DLouridas PPolychronakis MKeromytis A(2019)Defending Against Web Application AttacksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2017.266562016:2(188-203)Online publication date: 1-Mar-2019
https://dl.acm.org/doi/10.1109/TDSC.2017.2665620
Mullen GMeany L(2019)Assessment of Buffer Overflow Based Attacks On an IoT Operating System2019 Global IoT Summit (GIoTS)10.1109/GIOTS.2019.8766434(1-6)Online publication date: Jun-2019
https://doi.org/10.1109/GIOTS.2019.8766434
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents