Write buffer overflow is a widespread and prevalent memory safety violation in C/C++, reported as the top vulnerability in 2022 and 2023. Secure memory allocators are generally used to protect systems against attacks that may exploit buffer overflows. Existing allocators mainly rely on two types of countermeasures to prevent or detect write overflows: canaries and guard pages, each with pros and cons in terms of detection latency and memory footprint. For virtualized cloud applications, this paper follows the Out of Hypervisor (OoH) trend and introduces GUANARY, a safety guard against write overflows that allows synchronous detection at a low memory footprint cost. OoH is a new virtualization research axis introduced in 2022 advocating the exposure of hardware virtualization features to the guest OS so that its processes can take advantage of them. Based on the OoH principle, GUANARY leverages Intel Sub-Page write Permission (SPP), a recent hardware virtualization feature that allows write-protecting guest memory at the granularity of 128B (namely, a sub-page) instead of 4KB. We implement a software stack, LEANGUARD, which promotes the use of SPP from inside virtual machines by new secure allocators that use GUANARY. Our evaluation shows that for the same number of protected buffers, LEANGUARD consumes 8.3x less memory than SLIMGUARD, a recent state-of-the-art secure allocator. Further, for the same memory consumption, LEANGUARD allows protecting 25x more buffers than SLIMGUARD.
ISBN (print): 9781665464970
Buffer overflow vulnerabilities have been a severe threat to computer systems in the past few decades. Therefore, several static approaches have been proposed for automatic vulnerability detection and fixing. Static approaches are efficient but require large memory space to maintain all necessary information at different program points for precision. Existing works are usually trade-offs between throughput capacity and precision. In this paper, we propose a novel buffer overflow detection approach by performing progressive data-flow evaluation on programs with their super data-flow graphs, which are expected to cover all real data-flow paths. For this purpose, we realized super data-flow graph generation based on classic reaching-definition analysis, as well as the progressive data-flow evaluation approach. With progressive evaluation, we transform all necessary data-flow paths into SMT formulas and use an SMT solver to check whether these formulas satisfy certain vulnerable conditions. Finally, we evaluated our approach with Juliet Test Suites v1.3 and it detected all vulnerabilities with a very low false positive rate. Meanwhile, it also detected 8 known CVE vulnerabilities.
ISBN (print): 9781450339001
Programs written in unsafe languages like C and C++ often suffer from errors like buffer overflows, dangling pointers, and memory leaks. Dynamic analysis tools like Valgrind can detect these errors, but their overhead, primarily due to the cost of instrumenting every memory read and write, makes them too heavyweight for use in deployed applications and makes testing with them painfully slow. The result is that much deployed software remains susceptible to these bugs, which are notoriously difficult to track down. This paper presents evidence-based dynamic analysis, an approach that enables these analyses while imposing minimal overhead (under 5%), making it practical for the first time to perform these analyses in deployed settings. The key insight of evidence-based dynamic analysis is that for a class of errors, it is possible to ensure that evidence that they happened at some point in the past remains for later detection. Evidence-based dynamic analysis allows execution to proceed at nearly full speed until the end of an epoch (e.g., a heavyweight system call). It then examines program state to check for evidence that an error occurred at some time during that epoch. If so, it rolls back execution and re-executes the code with instrumentation activated to pinpoint the error. We present DOUBLETAKE, a prototype evidence-based dynamic analysis framework. DOUBLETAKE is practical and easy to deploy, requiring neither custom hardware, compiler, nor operating system support. We demonstrate DOUBLETAKE's generality and efficiency by building dynamic analyses that find buffer overflows, use-after-free errors, and memory leaks. Our evaluation shows that DOUBLETAKE is efficient, imposing under 5% overhead on average, making it the fastest such system to date. It is also precise: DOUBLETAKE pinpoints the location of these errors to the exact line and memory addresses where they occur, providing valuable debugging information to programmers.
ISBN (print): 9783037853122
This paper proposes a method and a prototype that use static analysis to detect security defects in computer software. Released software contains many buffer overflow vulnerabilities. The method uses static object-code analysis to detect buffer overflows and analyzes calls to unsafe functions to determine whether the software has defects. Comparing the results of the proposed tool with those of traditional buffer overflow detection tools, its false alarm rate is lower than the others and its false negative rate is the same as the others.
Buffer overflows cause serious problems in various categories of software systems. In critical systems, such as health-care, nuclear or aerospace software applications, a buffer overflow may cause severe threats to humans or severe economic losses. If they occur in network or security applications, they can be exploited to gain administrator privileges, perform system attacks, access unauthorized data, or misuse the system. This paper proposes a combination of genetic algorithms, linear programming, evolutionary testing, and static and dynamic information to detect buffer overflows. The newly proposed test input generation process avoids the need for human intervention to define and tune genetic algorithm weights and therefore becomes completely automated. The process that guides the genetic search towards the detection of buffer overflows relies on a fitness function that takes into account static and dynamic information. Reported results of our case studies, consisting of two sets of open-source programs, show that the new process and fitness function outperform previously published approaches. (C) 2007 Elsevier Ltd. All rights reserved.
Buffer overflow is the most dangerous attack method that can be exploited. According to the statistics of the Computer Emergency Readiness Team (CERT), buffer overflows account for 50% of current software vulnerabilities, and this ratio is going up. Considering a subset of the C language, Mini C, this paper presents an abstract machine model that can realize buffer overflow detection, based on operational semantics. Thus research on buffer overflow detection can be built on a strict description of the operational semantics. Not only can correctness be assured, but the system can also be realized and extended easily.
ISBN (print): 038725658X
Despite considerable effort, buffer overflow attacks remain a major security threat today, especially when coupled with self-propagation mechanisms as in worms and viruses. This paper considers the problem of designing network-level mechanisms for detecting polymorphic instances of such attacks. The starting point for our work is the observation that many buffer overflow attacks require a "sled" component to transfer control of the system to the exploit code. While previous work has shown that it is possible to detect certain types of sleds, including obfuscated instances, this paper demonstrates that the proposed detection heuristics can be thwarted by more elaborate sled obfuscation techniques. To address this problem, we have designed a new sled detection heuristic, called STRIDE, that offers three main improvements over previous work: it detects several types of sleds that other techniques are blind to, has a lower rate of false positives, and is significantly more computationally efficient, and hence more suitable for use at the network level.