Preventing format-string attacks via automatic and efficient dynamic checking
Proceedings of the 12th ACM conference on Computer and communications security
An Intrusion Detection System using Alteration of Data
AINA '06 Proceedings of the 20th International Conference on Advanced Information Networking and Applications - Volume 01
FormatGuard: automatic protection from printf format string vulnerabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Large-scale analysis of format string vulnerabilities in Debian Linux
Proceedings of the 2007 workshop on Programming languages and analysis for security
The Csaw C Mutation Tool: Initial Results
TAICPART-MUTATION '07 Proceedings of the Testing: Academic and Industrial Conference Practice and Research Techniques - MUTATION
FormatShield: A Binary Rewriting Defense against Format String Attacks
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Mutation-Based Testing of Format String Bugs
HASE '08 Proceedings of the 2008 11th IEEE High Assurance Systems Engineering Symposium
| Hi-index | 0.00 |
In the computer field there are many types of input validation attacks that occur, in which "Format String Overflow Attacks" is one of the most important. Format String Overflow Attacks remain the leading reason of software vulnerability or exploits. Format string bugs result in error such as wrong result type, memory access error and crash and security breach. In this paper , we proposed a Finite state machine which prevents Format String Overflow Attacks in a secure way with the help of several states of FSM. Proper checking against format string overflow bugs can avoid consequences due to exploits of format string overflow bugs. The result of our proposed finite state machine is improving the security problem and provides protection to memory access from any unauthorized user.