Code injection attacks are considered serious threats to the Internet users. In this type of attack the attacker injects malicious codes in the user programs to change or divert the execution flows. In this paper we explore the contemporary defence strategies against code injection attacks (CIAs) and underline their limitations. To overcome these limitations, we suggest a number of countermeasure mechanisms for protecting from CIAs. Our key idea relies on the multiplexing technique to preserve the exact return code to ensure the integrity of program execution trace of shell code. This technique also maintains a FIFO (first in first out) queue to defeat the conflict state when multiple caller method makes a call simultaneously. Finally, our ...
Abstract—We present an obfuscation strategy to protect a program against injection attacks. The stra...
The chapter introduces and describes representative defense mechanisms to protect from both basic an...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program ...
This paper proposes a methodology to develop coun-termeasures against code injection attacks, and va...
We propose a exible host-based intrusion detection system against remote code injection attacks. The...
International audienceFault attacks consist in changing the program behavior by injecting faults at ...
Injection attacks top the lists of the most harmful software vulnerabilities. Injection vulnerabilit...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
In this paper we present an efficient countermeasure against code injection attacks. Our countermeas...
Code injections attacks are one of the most powerful and important classes of attacks on software. I...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Abstract—We present an obfuscation strategy to protect a program against injection attacks. The stra...
The chapter introduces and describes representative defense mechanisms to protect from both basic an...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program ...
This paper proposes a methodology to develop coun-termeasures against code injection attacks, and va...
We propose a exible host-based intrusion detection system against remote code injection attacks. The...
International audienceFault attacks consist in changing the program behavior by injecting faults at ...
Injection attacks top the lists of the most harmful software vulnerabilities. Injection vulnerabilit...
The goal of the research presented in this dissertation is to prevent, detect, and mitigate maliciou...
Exploitation of memory corruption vulnerabilities in widely used software has been a threat for almo...
Abstract—As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determine...
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Com...
In this paper we present an efficient countermeasure against code injection attacks. Our countermeas...
Code injections attacks are one of the most powerful and important classes of attacks on software. I...
We describe a new, general approach for safeguarding systems against any type of code-injection atta...
Abstract—We present an obfuscation strategy to protect a program against injection attacks. The stra...
The chapter introduces and describes representative defense mechanisms to protect from both basic an...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...