Jun Xu, Zbigniew Kalbarczyk, Sanjay Patel, Ravishankar K. Iyer  Home/Search
Context Related
| uiuc.edu/EASY/Papers02/EASY02xu.pdf Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: uiuc.edu/EASY/e...2finalprogram (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Buffer overflow attacks are the predominant threat to the secure operation of network and in particular, Internetbased applications. Stack smashing is a common mode of buffer overflow attack for hijacking system control. This paper evaluates two architecture-based techniques to defend systems against such attacks: (1) the split control and data stack, and (2) secure return address stack (SRAS). The split stack approach separates control and data stack to prevent the function return address from ... (Update)
Cited by: More
iWatcher: Efficient Architectural Support for Software.. - Zhou, Qin, Liu, Zhou.. (2004) (Correct)
A Framework For Trusted Instruction Execution Via.. - Milenkovic.. (Correct)
Active bibliography (related documents): More All
0.5: Why do Internet services fail, and what can be done.. - Oppenheimer, Ganapathi, .. (2003) (Correct)
0.5: Role Classification of Hosts within Enterprise.. - Tan, Poletto.. (2003) (Correct)
0.2: Libsafe: Protecting Critical Elements of Stacks - Tsai, Singh (2001) (Correct)
Similar documents based on text: More All
0.8: StackGuard: Automatic Adaptive Detection and Prevention of.. - Cowan (1998) (Correct)
0.8: The Principle, Attack Patterns, and Defense Methods of Buffer.. - Hsu (2000) (Correct)
0.7: A Binary Rewriting Defense against Stack Based Overflow attacks - Prasad, Chiueh (Correct)
Related documents from co-citation: More All
4: Practical data breakpoints: Design and implementation - Wahbe, Lucco et al. - 1993
4: A Scalable Approach to Thread-Level Speculation - Steffan, Colohan et al. - 2000
4: Automatic verification of the SCI cache coherence protocol - Stern, Dill - 1995
BibTeX entry: (Update)
J. Xu, Z. Kalbarczyk, S. Patel, and R. K. Iyer. Architecture support for defending against buffer overflow attacks. EASY-2 Workshop, October 2002. http://citeseer.ist.psu.edu/xu02architecture.html More
@misc{ xu02architecture,
author = "J. Xu and Z. Kalbarczyk and S. Patel and R. Iyer",
title = "Architecture support for defending against buffer overflow attacks",
text = "J. Xu, Z. Kalbarczyk, S. Patel, and R. K. Iyer. Architecture support for
defending against buffer overflow attacks. EASY-2 Workshop, October 2002.",
year = "2002",
url = "citeseer.ist.psu.edu/xu02architecture.html" }
Citations (may not include all citations):177 Evaluating Future Microprocessor: the SimpleScalar Tool Set - Burger, Austin et al. - 1996
141 StackGuard: Automatic Adaptive Detection and Prevention of B.. - Cowan, Pu et al. - 1998
88 Static Detection of Dynamic Memory Errors - Evans - 1996
79 Intel Architecture Software Developer's Manual (context) - Corporation - 1999
72 A First Step Towards Automated Detection of Buffer Overrun V.. - Wagner, Foster et al. - 2000
66 Smashing The Stack For Fun And Profit (context) - One - 1996
54 Transparent Run-Time Defense Against Stack Smashing Attacks - Baratloo, Tsai et al. - 2000
35 Statically detecting likely buffer overflow vulnerabilities - Larochelle, Evans - 2001
30 Improving prediction for procedure returns with returnaddres.. - Skadron, Ahuja et al. - 1998
25 Bypassing StackGuard and StackShield (context) - Kil - 2000
22 With Microscope and Tweezers: An Analysis of the Internet Vi.. - Eichin, Rochlis - 1988
6 Defeating Solar Designer Non-executable Stack Patch (context) - Wojtczuk - 1998
2 19 Code Red Worm Exploiting Buffer Overflow In IIS Indexing .. (context) - CC, CA-- - 2001
2 Bell Laboratories Computer Science Technical Report (context) - Johnson, Checker - 1977
1 Libsafe: Protecting Critical Elements of Stacks (context) - Research - 2002
1 UPNP Multiple Remote Window XPME Vulnerabilitie (context) - Security, Remote et al.
http://www.cert.org/advisories/
http://www.openwall.com/linux/
http://gcc.gnu.org/
http://www.wu-ftpd.org/
Documents on the same site (http://www.crhc.uiuc.edu/EASY/easy02-final-program.html): More
Using Fault Model Enforcement to Improve Availability - Nagaraja, Bianchini.. (2002) (Correct)
Failure from the Field: Complexity Kills - George Herbe Rt (Correct)
Determining Acceptance Tests for Application-Level Fault.. - Ciocca, Koren, Krishna (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC