Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software

Software vulnerabilities have had a devastating effect on the Internet. Worms such as Code Red and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage. To successfully combat these fast automatic Internet attacks, one needs fast automatic attack detection and filtering mechanisms. In this paper, the authors propose dynamic taint analysis for automatic detection of overwrite attacks, which include most types of exploit. This approach does not need source code or special compilation for the monitored program, and hence works on commodity software.

Provided by: Carnegie Mellon University Topic: Security Date Added: Jan 2011 Format: PDF

Find By Topic