Kimchi: A Binary Rewriting Defense Against Format String Attacks

Kimchi: A Binary Rewriting Defense Against Format String Attacks

We propose a binary rewriting system called Kimchi that modifies binary programs to protect them from format string attacks in runtime. Kimchi replaces the machine code calling conventional printf with code calling a safer version of printf, safe_printf, that prevents its format string from accessin...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: You, Jin Ho, Seo, Seong Chae, Kim, Young Dae, Choi, Jun Yong, Lee, Sang Jun, Kim, Byung Ki
Format: Buchkapitel
Sprache:eng
Schlagworte:
Binary Code
Defense Line
Format String
Parent Function
Performance Overhead
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We propose a binary rewriting system called Kimchi that modifies binary programs to protect them from format string attacks in runtime. Kimchi replaces the machine code calling conventional printf with code calling a safer version of printf, safe_printf, that prevents its format string from accessing arguments exceeding the stack frame of the parent function. With the proposed static analysis and binary rewriting method, it can protect binary programs even if they do not use the frame pointer register or link the printf code statically. In addition, it reduces the performance overhead of the patched program by not modifying the calls to printf with the format string argument located in the read-only memory segment, which are not vulnerable to the format string attack.
ISSN:0302-9743
1611-3349
DOI:10.1007/11604938_14