The internet worm program: an analysis
ACM SIGCOMM Computer Communication Review
Computer systems: architecture, organization, and programming
Computer systems: architecture, organization, and programming
Optimistic incremental specialization: streamlining a commercial operating system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Declarative specialization of object-oriented programs
Proceedings of the 12th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Intrusion Detection via System Call Traces
IEEE Software
On Preventing Intrusions by Process Behavior Monitoring
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Fast concurrent dynamic linking for an adaptive operating system
ICCDS '96 Proceedings of the 3rd International Conference on Configurable Distributed Systems
Specialization classes: an object framework for specialization
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
Java Security: From HotJava to Netscape and Beyond
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Toolkit for Specializing Production Operating System Code
A Toolkit for Specializing Production Operating System Code
Transparent run-time defense against stack smashing attacks
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
| Hi-index | 0.00 |
Stack buffer overflow hacking became generally known due to the Morris' Internet Worm in 1988. Since then buffer overflow hacking has been used to attack systems and servers by hackers very frequently. Recently, many researches tried to prevent it, and several solutions were developed such as Libsafe and StackGuard; however, these solutions have a few problems. In this paper we present a new stack buffer overflow attack prevention technique that uses the system call monitoring mechanism and memory address where the system call is made. Because of its detection mechanism this system can be used for unknown attack detection, too.