Timothy K. Tsai, Navjot Singh  Home/Search
Context Related
| avayalabs.com/tech...2001019paper.pdf Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: avayalabs.com/techreportY (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: The exploitation of buffer overflow vulnerabilities in process stacks constitutes a significant portion of security attacks. We present a new method to detect and handle such attacks. In contrast to previous methods, this new method works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis. The method intercepts all calls to library functions that are known to be vulnerable. A substitute version of the corresponding function implements the... (Update)
Similar documents based on text: More All
2.5: Libsafe 2.0: Detection of Format String Vulnerability Exploits - Tsai, Singh (2001) (Correct)
2.5: Libsafe: Protecting Critical Elements of Stacks - Baratloo, Tsai, Singh (1999) (Correct)
1.6: Transparent Run-Time Defense Against Stack Smashing Attacks - Baratloo, Singh, Tsai (2000) (Correct)
BibTeX entry: (Update)
A. Baratloo, N. Singh, and T. Tsai. Libsafe: Protecting critical elements of stacks. White Paper http://www.research.avayalabs.com/ project/libsafe/, December 1999. http://citeseer.ist.psu.edu/baratloo01libsafe.html More
@misc{ baratloo99libsafe,
author = "A. Baratloo and N. Singh and T. Tsai",
title = "Libsafe: Protecting critical elements of stacks",
text = "A. Baratloo, N. Singh, and T. Tsai. Libsafe: Protecting critical elements
of stacks. White Paper http://www.research.avayalabs.com/ project/libsafe/,
December 1999.",
year = "1999",
url = "citeseer.ist.psu.edu/baratloo01libsafe.html" }
Citations (may not include all citations):175 A secure environment for untrusted helper applications - Goldberg, Wagner et al. - 1996
141 StackGuard: automatic adaptive detection and prevention of b.. - Cowan, Pu et al. - 1998
100 Interposition agents: Transparently interposing user code at.. - Jones - 1993
88 Static detection of dynamic memory errors - Evans - 1996
72 A first step towards automated detection of buffer overrun v.. - Wagner, Foster et al. - 2000
66 Smashing the stack for fun and profit (context) - One - 1998
54 Transparent run-time defense against stack smashing attacks - Baratloo, Tsai et al. - 2000
31 Mediating connectors (context) - Balzer, Goldman - 1999
28 A tour of the worm (context) - Seeley - 1989
22 With microscope and tweezers: An analysis of the internet vi.. - Eichin, Rochlis - 1988
20 Computer Science Technical Report (context) - Johnson, checker et al. - 1977
19 Stack smashing vulnerabilities in the UNIX operating system (context) - Smith - 1997
14 With microscope and tweezers: The worm from MIT's perspectiv.. (context) - Rochlis, Eichin - 1989
6 Defeating solar designer non-executable stack path (context) - Wojtczuk - 1998
4 Attack class: Buffer overflows (context) - Thomas - 1999
[Article contains additional citations not shown here]
Documents on the same site (http://www.research.avayalabs.com/techreportY.html): More
AMC: An Adaptive Model Checker - Groce, Peled (2002) (Correct)
Profiling UNIX Users And Processes Based on Rarity of Occurrence .. - Ju, Vardi (2001) (Correct)
Goal-Oriented Software Assessment - Weiss, Bennett, Payseur, Tendick.. (2001) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC