A methodology for designing countermeasures against current and future code injection attacks

Author

Younan, Yves ; Joosen, Wouter ; Piessens, Frank

Author_Institution

Dept. of Comput. Sci., Katholieke Universiteit Leuven, Belgium

fYear

2005

fDate

23-24 March 2005

Firstpage

3

Lastpage

20

Abstract

This paper proposes a methodology to develop countermeasures against code injection attacks, and validates the methodology by working out a specific countermeasure. This methodology is based on modeling the execution environment of a program. Such a model is then used to build countermeasures. The paper justifies the need for a more structured approach to protect programs against code injection attacks: we examine advanced techniques for injecting code into C and C++ programs and we discuss state-of-the-art (often ad hoc) approaches that typically protect singular memory locations. We validate our methodology by building countermeasures that prevent attacks by protecting a broad variety of memory locations that may be used by attackers to perform code injections. The paper evaluates our approach and discusses ongoing and future work.

Keywords

C++ language; buffer storage; security of data; C programs; C++ programs; attack countermeasures; buffer overflows; code injection attacks; program execution environment; program protection; singular memory locations; Buffer overflow; Buildings; Code standards; Computer science; Design methodology; Linux; Operating systems; Program processors; Protection; Runtime environment; Advanced exploitation techniques; C; C++; buffer over-flows; code injection; counter-measures;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance, 2005. Proceedings. Third IEEE International Workshop on

Print_ISBN

0-7695-2317-X

Type

conf

DOI

10.1109/IWIA.2005.2

Filename

1410698