A Signature-Free Buffer Overflow Attack Blocker Using Genetic Programming
Now-a-days internet threat takes a blended attack form, targeting individual users to gain control over networks and data. Buffer Overflow which is one of the most occurring security vulnerabilities in Internet services such as such as web service, cloud service etc. Motivated by the observation that buffer overflow attacks typically contain executables whereas legitimate client requests never contain executables in most Internet services. Unlike the previous detection algorithms, a new SigFree uses a Genetic Programming technique that is generic, fast, and hard for exploit code to evade. SigFree blocks attacks by detecting the presence of code, it is a signature free, thus it can block new and unknown buffer overflow attacks; SigFree is also immunized from most attack-side code obfuscation.