Portably solving file TOCTTOU races with hardness amplification
FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
Portably solving file races with hardness amplification
ACM Transactions on Storage (TOS)
Taxonomy and classification of automatic monitoring of program security vulnerability exploitations
Journal of Systems and Software
Building components with embedded security monitors
Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
Protecting applications against TOCTTOU races by user-space caching of file metadata
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
STING: finding name resolution vulnerabilities in programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Monitoring Buffer Overflow Attacks: A Perennial Task
International Journal of Secure Software Engineering
Hi-index | 0.00 |
Detecting security bugs during the development cycle of a software is extremely difficult as effective testing approaches for such bugs do not exist. Applications are often deployed without being tested for security vulnerabilities even though the application domain demands highly secure software. Hence there is a need to develop systems which can monitor such applications for security violations and take immediate actions if any violation occurs. In this paper we describe an approach for monitoring the security health of a software system. Our methodology involves an agent based approach which communicates with the health monitoring system running as an independent process. We make this agent a part of the application(binary) and modify the binary at appropriate locations to transfer the control to the agent attached. The agent sends critical information regarding the execution to the monitoring system. The monitoring system analyzes the data and takes suitable actions. Currently our system monitors the following security bugs - buffer overflow, race conditions( Time of Check to Time to Use vulnerability), random number vulnerability and can be extended for other vulnerabilities also.