CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Type-Assisted Dynamic Buffer Overflow Detection
Proceedings of the 11th USENIX Security Symposium
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Libsafe: Transparent System-wide Protection Against Buffer Overflow Attacks
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Using Program Transformation to Secure C Programs Against Buffer Overflows
WCRE '03 Proceedings of the 10th Working Conference on Reverse Engineering
Run-time Detection of Buffer Overflow Attacks without Explicit Sensor Data Objects
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Protection against Indirect Overflow Attacks on Pointers
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-Based Invariants
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
StackOFFence: A Technique for Defending Against Buffer Overflow Attacks
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume I - Volume 01
DieHard: probabilistic memory safety for unsafe languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Modular checking for buffer overflows in the large
Proceedings of the 28th international conference on Software engineering
Dynamic code instrumentation to detect and recover from return address corruption
Proceedings of the 2006 international workshop on Dynamic systems analysis
Monitoring the Security Health of Software Systems
ISSRE '06 Proceedings of the 17th International Symposium on Software Reliability Engineering
Raksha: a flexible information flow architecture for software security
Proceedings of the 34th annual international symposium on Computer architecture
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
Testing for buffer overflows with length abstraction
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Multi-variant Program Execution: Using Multi-core Systems to Defuse Buffer-Overflow Vulnerabilities
CISIS '08 Proceedings of the 2008 International Conference on Complex, Intelligent and Software Intensive Systems
Taxonomy and classification of automatic monitoring of program security vulnerability exploitations
Journal of Systems and Software
Mitigating program security vulnerabilities: Approaches and challenges
ACM Computing Surveys (CSUR)
| Hi-index | 0.00 |
Buffer overflow BOF is a well-known, and one of the worst and oldest, vulnerabilities in programs. BOF attacks overwrite data buffers and introduce wide ranges of attacks like execution of arbitrary injected code. Many approaches are applied to mitigate buffer overflow vulnerabilities; however, mitigating BOF vulnerabilities is a perennial task as these vulnerabilities elude the mitigation efforts and appear in the operational programs at run-time. Monitoring is a popular approach for detecting BOF attacks during program execution, and it can prevent or send warnings to take actions for avoiding the consequences of the exploitations. Currently, there is no detailed classification of the proposed monitoring approaches to understand their common characteristics, objectives, and limitations. In this paper, the authors classify runtime BOF attack monitoring and prevention approaches based on seven major characteristics. Finally, these approaches are compared for attack detection coverage based on a set of BOF attack types. The classification will enable researchers and practitioners to select an appropriate BOF monitoring approach or provide guidelines to build a new one.