Citations: RAD: A compile-time solution to buffer overflow attacks

14 citations found. Retrieving documents...

T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems (ICDCS), April 2001.

Home/Search Document Details and Download Summary Related Articles Check

This paper is cited in the following contexts:

A Comparison of Array Bounds Checking on Superscalar.. - Bentley, Watterson.. (2002) (1 citation) (Correct)

....C source code. cases compile time schemes to eliminate bounds checks fail, and the compiler must fall back to general run time checking. Several have studied handling buffer overflow; this includes using a gcc patch along with a canary to detect it [10] Another compile time solution, RAD [11], involves modifying the compiler to store return addresses in a safe location. This solution retains binary compatibility because stack frames are not modified. We use bcc [12] for our bounds checking because it adds as little overhead as possible; it stores the bounds along with the pointer. An ....

Tzi cker Chiueh and Fu-Hau Hsu. RAD: A Compile-Time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems, Apr 2001.

A Comparison of Publicly Available Tools for Dynamic Buffer.. - Wilander, Kamkar (2003) (6 citations) (Correct)

....intrusion detection system building on program and or environment specific solutions, terminating execution in case of an attack. The techniques are often complete in the way that they can provably secure the targets they are designed to protect (one proof can be found in a paper by Chiueh and Hsu [6]) and will produce no false positives. Their general weakness lies in the fact that they all try to solve known security problems, i.e. how bugs are known to be exploited today, while not getting rid of the actual bugs in the programs. Whenever an attacker has figured out a new way of exploiting a ....

....match the saved copy, execution is halted and a security alert is raised. Libverify does not protect the integrity of the canary stack. They propose protecting it with mprotect( as in RAD (see section 3. 7) but as in the RAD case this will most probably impose a very serious performance penalty [6]. To be able to do this, Libverify has to rearrange the code quite a bit. First each function is copied whole to the heap (requires executable heap) where it can be altered. Then the saving and verifying of the return address is injected into each function by overwriting the first instruction ....

[Article contains additional citation context not shown here]

T. cker Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21th International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona, USA, April 2001.

Internet Worms As Internet-Wide Threat - Nikolai Joukov And (2003) (1 citation) Self-citation (Chiueh) (Correct)

No context found.

T. Chiueh, F. Hsu, "RAD: A Compile-time Solution to Buffer Overflow Attacks," International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona, USA, April 2001

An Efficient and Backwards-Compatible Transformation to.. - Xu, DuVarney, Sekar (2004) (Correct)

No context found.

T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems (ICDCS), April 2001.

A Methodology for Designing Countermeasures Against.. - Younan, Joosen, Piessens (2004) (Correct)

No context found.

T. Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21st International Conference on Distributed Computing Systems, pages 409--420, Phoenix, Arizona, USA, Apr. 2001. IEEE Computer Society, IEEE Press.

Using DISE to Protect Return Addresses from Attack - Marc Corliss Christopher (2004) (Correct)

No context found.

T.-C. Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proc. of 21st Int. Conf. on Distributed Computing Systems, Apr. 2001.

An Efficient and Backwards-Compatible Transformation to.. - Xu, DuVarney, Sekar (2004) (Correct)

No context found.

T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems (ICDCS), April 2001.

Fast and Automated Generation of Attack Signatures: A Basis.. - Liang, Sekar (2005) (1 citation) (Correct)

No context found.

T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In ICDCS, 2001.

SELF: a Transparent Security Extension for ELF Binaries - DuVarney, Bhatkar.. (2003) (Correct)

No context found.

Tzi cker Chiueh and Fu-Hau Hsu. Rad: A compile-time solution to buffer overflow attacks. In 21st International Conference on Distributed Computing, page 409, Phoenix, Arizona, April 2001.

Automatic Generation of Buffer Overflow Attack Signatures: An.. - Liang, Sekar (2005) (Correct)

No context found.

T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In ICDCS, 2001.

A Methodology for Designing Countermeasures Against.. - Younan, Joosen, Piessens (2005) (Correct)

SELF: a Transparent Security Extension for ELF Binaries - DuVarney, Venkatakrishnan, .. (2003) (Correct)

Buffer Overrun Detection Using Linear Programming.. - Ganapathy, Jha.. (2003) (3 citations) (Correct)

No context found.

T-C. Chiueh and F-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21 st International Conference on Distributed Computing Systems (ICDCS), April 2001.

Buffer Overrun Detection using Linear Programming and - Static Analysis Vinod (Correct)

No context found.

T-C. Chiueh and F-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In 21 st Intl. Conf. on Distributed Computing Systems (ICDCS), 2001.

Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback

CiteSeer.IST - Copyright Penn State and NEC