AIFD: A RUNTIME SOLUTION TO BUFFER OVERFLOW ATTACK
While buffer overflow problem has been known for a long time, it continues to present a serious security threat.Many solutions to the notorious problem were proposed.However, they had their own drawbacks.This paper presents a solution called API invocation fingerprint detection (AIFD) to eliminate overflow vulnerability with very low performance penally.The solution is API-hook-based, which does not require compiler extensions or operating system kernel patches.Unlike other API-hook-based solutions, which will not discover that system calls are actually invoked by malicious code in certain cases, AIFD works well in those cases.By it, programs protected will not yield control to the exploitation code, but rather enter a fail-safe state.In this paper, we present principle of buffer overflow attacks, implementation details of AIFD, and experimental results of both penetration resistance and the performance impact of this solution.
Buffer overflow attack AIFD API hook
HONG HAN XIAN-LIANG LU LI-YONG REN BO CHEN NING YANG
College of Computer Science and Engineering University of Electronic Science and Technology of China, Chengdu, 610054
国际会议
2007 International Conference on Machine Learning and Cybernetics(IEEE第六届机器学习与控制论国际会议)
香港
英文
3189-3194
2007-08-19(万方平台首次上网日期,不代表论文的发表时间)