Counter-measures against stack buffer overflows in GNU/Linux operating systems.

被引:4
作者
Leon, Erick [1 ]
Bruda, Stefan D. [1 ]
机构
[1] Bishops Univ, 2600 Coll St, Sherbrooke, PQ J1M 1Z7, Canada
来源
7TH INTERNATIONAL CONFERENCE ON AMBIENT SYSTEMS, NETWORKS AND TECHNOLOGIES (ANT 2016) / THE 6TH INTERNATIONAL CONFERENCE ON SUSTAINABLE ENERGY INFORMATION TECHNOLOGY (SEIT-2016) / AFFILIATED WORKSHOPS | 2016年 / 83卷
关键词
Buffer overflow; Stack; GNU/Linux; ptrace;
D O I
10.1016/j.procs.2016.04.270
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
We address the particular cyber attack technique known as stack buffer overflow in GNU/Linux operating systems, which are widely used in HPC environments. The buffer overflow problem has been around for quite some time and continues to be an ever present issue. We develop a mechanism to successfully detect and react whenever a stack buffer overflow occurs. Our solution requires no compile-time support and so can be applied to any program, including legacy or closed source software for which the source code is not available. This makes it especially useful in HPC environments where given their complexity and scope of the computing system, incidents like overflows might be difficult to detect and react to accordingly. (C) 2016 The Authors. Published by Elsevier B.V.
引用
收藏
页码:1301 / 1306
页数:6
相关论文
共 14 条
[1]  
[Anonymous], 2003, ADDRESS SPACE LAYOUT
[2]  
[Anonymous], 2003, NONEXECUTABLE PAGES
[3]  
Chuang W., 2007, P 2 INT C HIGH PERF, P71
[4]  
Dalton M., 2008, P 17 USENIX SEC S US
[5]  
Deckard J., 2004, DEFEATING OVERFLOW A
[6]  
Duarte G., 2014, EPILOGUES CANARIES B
[7]  
Leon E., 2015, THESIS
[8]  
Piromsopa K., SECURE BIT2 TRANSPAR
[9]  
Roberts P., VULNERABILITY OSCARS
[10]  
Shao Z., 2004, P INT C INF TECHN CO, VI, P409
12