Alternate document:   Details   The Principle, Attack Patterns, and Defense Methods of Buffer Overflow Attacks (00) Fu-Hau Hsu

See this document in CiteSeerX!

The Principle, Attack Patterns, and Defense Methods of Buffer Overflow Attacks (2000)  (Make Corrections)  (14 citations)
Fu-Hau Hsu



  Home/Search   Context   Related

 
View or download:
sunysb.edu/tr/TR87.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  sunysb.edu/tech_reports (more)
Homepages:  F.Hsu  

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: Buffer overflow attack can inflict upon almost arbitrary programs and is one of the most common vulnerabilities that can seriously compromise the security of a network-attached computer system. This paper presents a compiler-based solution to the notorious buffer overflow attack problem. Using this solution, users can prevent attackers from compromising their systems by changing the return address to execute injected code, which is the most common method used in buffer overflow attacks. Return... (Update)

Cited by:   More
An Efficient and Backwards-Compatible Transformation to.. - Xu, DuVarney, Sekar (2004)   (Correct)
A Methodology for Designing Countermeasures Against.. - Younan, Joosen, Piessens (2004)   (Correct)
Using DISE to Protect Return Addresses from Attack - Marc Corliss Christopher (2004)   (Correct)

Similar documents (at the sentence level):
49.6%:   The Principle, Attack Patterns, and Defense Methods of Buffer.. - Hsu (2000)   (Correct)

Active bibliography (related documents):   More   All
0.6:   StackGuard: Automatic Adaptive Detection and Prevention of.. - Cowan (1998)   (Correct)
0.3:   Transparent Run-Time Defense Against Stack Smashing Attacks - Baratloo, Singh, Tsai (2000)   (Correct)
0.3:   Libsafe: Protecting Critical Elements of Stacks - Tsai, Singh (2001)   (Correct)

System load high. Please wait...
Timeout. Please try your query later.
Similar documents based on text:   More   All
0.9:   A Binary Rewriting Defense against Stack Based Overflow attacks - Prasad, Chiueh   (Correct)
0.7:   Architecture Support for Defending Against Buffer.. - Xu, Kalbarczyk, Patel.. (2002)   (Correct)
0.5:   Testing C Programs for Buffer Overflow Vulnerabilities - Haugh, Bishop (2003)   (Correct)

Related documents from co-citation:   More   All
9:   CCured: Type-safe retrofitting of legacy code - Necula, McPeak et al. - 2002
9:   Stackguard: Automatic adaptive detection and prevention of buffer-overflow attac.. - Cowan, Pu et al. - 1998
7:   A first step towards automated detection of buffer overrun vulnerabilities - Wagner, Foster et al. - 2000

BibTeX entry:   (Update)

T. cker Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21th International Conference on Distributed Computing Systems (ICDCS), Phoenix, Arizona, USA, April 2001. http://citeseer.ist.psu.edu/hsu00principle.html   More

@misc{ chiueh01rad,
  author = "T. Chiueh and F. Hsu",
  title = "RAD: A compile-time solution to buffer overflow attacks",
  text = "T. cker Chiueh and F.-H. Hsu. RAD: A compile-time solution to buffer overflow
    attacks. In Proceedings of the 21th International Conference on Distributed
    Computing Systems (ICDCS), Phoenix, Arizona, USA, April 2001.",
  year = "2001",
  url = "citeseer.ist.psu.edu/hsu00principle.html" }
Citations (may not include all citations):
261   Modern Operating System (context) - Tanenbaum - 1992
141   StackGuard: Automatic Adaptive Detection and Prevention of B.. - Cowan, Pu et al. - 1998
106   Advanced Programming in the UNIX Environment (context) - Stevens - 1992  ACM
95   Linux Kernel Internals (context) - Beck, Bohme et al. - 1996  ACM
84   Data Mining approaches for Intrusion Detection - Lee, Stolfo - 1998
66   Smashing The Stack For Fun and Profit (context) - One
53   The Internet Worm Program: Analysis - Spafford - 1989
38   Practical UNIX & Internet Security (context) - Garfinkel, Spafford - 1996
34   Backwards-compatible Bounds Checking for arrays and pointers.. - Jones, Kelly  DBLP
19   Stack Smashing Vulnerabilities in the UNIX Operating System (context) - Smith
15   ww Heap Overflow (context) - on, http et al.
12   The Linux Kernel Book (context) - Card, Dumas et al. - 1998  ACM
6   Non-Executable User Stack (context) - Designer
4   Attack Class: Buffer Overflow (context) - Thomas
4   Synthesizing Fast Intrusion Detection/Prevention Systems fro.. (context) - Sekar, Uppuluri - 1999
3   Bugtraq Mailing List (context) - One
2   Linux SuperProbe vulnerability (context) - Swap-Linux
2   FreeBSD Insecure Library Function's Stack Integrity Check (context) - Snarskii - 1997
2   StackGuard Compilser: a Gcc Enhancement (context) - Cowan
2   Posting to Bugtraq Mailing List (context) - Cowan
2   Posting to Bugtraq Mailing List (context) - Newsham - 1997
2   Pointers to Functions (context) - Summit



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://www.ecsl.cs.sunysb.edu/tech_reports.html):   More
Dynamic 3D Graphics Workload Characterization and the.. - Mitra, Chiueh (1999)   (Correct)
File System Support for Multimedia Applications - Niranjan (1996)   (Correct)
Integrated Volume Compression and Visualization - Chiueh, Yang, He, Pfister.. (1997)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC