Countering Code Injection Attacks: A Unified Approach
نویسندگان
چکیده
Code injection exploits a software vulnerability through which a malicious user can make an application run unauthorized code. Server applications frequently employ dynamic and domain-specific languages, which are used as vectors for the attack. We propose a generic approach that prevents the class of injection attacks involving these vectors: our scheme detects attacks by using location-specific signatures to validate code statements. The signatures are unique identifiers that represent specific characteristics of a statement’s execution. We have applied our approach successfully to defend against attacks targeting sql, xpath and JavaScript.
منابع مشابه
Side channel parameter characteristics of code injection attacks
Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics of embedded systems and their applicability in code injection attack detection. T...
متن کاملExecution Integrity with In-Place Encryption
Instruction set randomization (ISR) was initially proposed with the main goal of countering code-injection attacks. However, ISR seems to have lost its appeal since code-injection attacks became less attractive because protection mechanisms such as data execution prevention (DEP) as well as code-reuse attacks became more prevalent. In this paper, we show that ISR can be extended to also protect...
متن کاملA Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities
Software implementation bugs are behind most security vulnerabilities reported today. Our analysis of CVE vulnerabilities in 2003 and 2004 indicate that 20% of them were classified as DOS attacks, 30% are due to design errors, and almost every thing else is due to implementation errors. Among implementation errors, 84% are due to generalized injection vulnerabilities that allow an attacker to m...
متن کاملCountering Lifetime Kernel Code Integrity Protections
Protecting the kernel of an operating system against attacks, especially injection of malicious code, is an important factor for implementing secure operating systems. To address this problem, several kernel code integrity protection mechanisms were proposed recently that aim to prevent malicious programs from being executed with kernel privileges. However, they all share a common shortcoming: ...
متن کاملDwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Inf. Manag. Comput. Security
دوره 19 شماره
صفحات -
تاریخ انتشار 2011