How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Using Memory Errors to Attack a Virtual Machine
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
Worm propagation modeling and analysis under dynamic quarantine defense
Proceedings of the 2003 ACM workshop on Rapid malcode
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Harbor: software-based memory protection for sensor nodes
Proceedings of the 6th international conference on Information processing in sensor networks
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Address obfuscation: an efficient approach to combat a board range of memory error exploits
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Static analysis of executables to detect malicious patterns
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Automating mimicry attacks using static binary analysis
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
SigFree: a signature-free buffer overflow attack blocker
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Improving sensor network immunity under worm attacks: a software diversity approach
Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing
Code injection attacks on harvard-architecture devices
Proceedings of the 15th ACM conference on Computer and communications security
Self-healing control flow protection in sensor applications
Proceedings of the second ACM conference on Wireless network security
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
Self-propagating worms in wireless sensor networks
Proceedings of the 5th international student workshop on Emerging networking experiments and technologies
Efficient code diversification for network reprogramming in sensor networks
Proceedings of the third ACM conference on Wireless network security
SWORDS: improving sensor networks immunity under worm attacks
WAIM'10 Proceedings of the 11th international conference on Web-age information management
A TPM-enabled remote attestation protocol (TRAP) in wireless sensor networks
Proceedings of the 6th ACM workshop on Performance monitoring and measurement of heterogeneous wireless and wired networks
| Hi-index | 0.00 |
Since sensor applications are implemented in embedded computer systems, cyber attacks that compromise regular computer systems via exploiting memory related vulnerabilities present similar threats to sensor networks. However, the paper shows that memory fault attacks in sensors are not just the same as in regular computers due to sensor's hardware and software architecture. In contrast to worm attacks, mal-codes carried by exploiting packets cannot be executed in a sensor. Therefore, the paper proposes a range of attack approaches to illustrate that a mal-packet, which only carries specially crafted data, can exploit memory-related vulnerabilities and utilize existing application codes in a sensor to propagate itself without disrupting sensor's functionality. The paper shows that such a mal-packet can have as few as 17 bytes. A prototype of a 27-byte mal-packet has been implemented and tested in Mica2 sensors. Simulation shows that the propagation pattern of such a malpacket in a sensor network is very different from worm propagation. Malpackets can either quickly take over the whole network or hard to propagate under different traffic situations.