iCruiser: An Improved Approach for Concurrent Heap Buffer Overflow Monitoring

iCruiser: An Improved Approach for Concurrent Heap Buffer Overflow Monitoring

Heap buffer overflow has been extensively studied for many years, but it remains a severe threat to software security. Previous solutions suffer from limitations in that: 1) Some methods need to modify the target programs; 2) Most methods could impose considerable performance overhead. In this paper...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEICE Transactions on Information and Systems 2014/03/01, Vol.E97.D(3), pp.601-605
Hauptverfasser: TIAN, Donghai, LI, Xuanya, CHEN, Mo, HU, Changzhen
Format: Artikel
Sprache:eng
Schlagworte:
Buffers
Compatibility
Computer information security
Computer programs
heap buffer overflow
Monitoring
multi-core technology
Protection systems
Security
Software
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Heap buffer overflow has been extensively studied for many years, but it remains a severe threat to software security. Previous solutions suffer from limitations in that: 1) Some methods need to modify the target programs; 2) Most methods could impose considerable performance overhead. In this paper, we present iCruiser, an efficient heap buffer overflow monitoring system that uses the multi-core technology. Our system is compatible with existing programs, and it can detect the heap buffer overflows concurrently. Compared with the latest heap protection systems, our approach can achieves stronger security guarantees. Experiments show that iCruiser can detect heap buffer overflow attacks effectively with a little performance overhead.
ISSN:0916-8532
1745-1361
DOI:10.1587/transinf.E97.D.601