Bibliographic Details
| Title: |
Defence against code injection attacks |
| Authors: |
H Alnabulsi, Q Mamun, R Islam, Morshed Chowdhury |
| Publication Year: |
2015 |
| Subject Terms: |
Uncategorized, security, code injection attachs, malicious, Science & Technology, Technology, Computer Science, Theory & Methods, Engineering, Electrical & Electronic, Telecommunications, Code injection attacks, scipo, hist |
| Description: |
Code injection attacks are considered serious threats to the Internet users. In this type of attack the attacker injects malicious codes in the user programs to change or divert the execution flows. In this paper we explore the contemporary defence strategies against code injection attacks (CIAs) and underline their limitations. To overcome these limitations, we suggest a number of countermeasure mechanisms for protecting from CIAs. Our key idea relies on the multiplexing technique to preserve the exact return code to ensure the integrity of program execution trace of shell code. This technique also maintains a FIFO (first in first out) queue to defeat the conflict state when multiple caller method makes a call simultaneously. Finally, our technique can provide better performance, in terms of protection and speed, in some point compared to the CFI (control flow integrity) as well as CPM (code pointer masking) techniques. |
| Document Type: |
book part |
| Language: |
unknown |
| Relation: |
http://hdl.handle.net/10536/DRO/DU:30082876 |
| Availability: |
http://hdl.handle.net/10536/DRO/DU:30082876 |
| Rights: |
undefined |
| Accession Number: |
edsbas.B32B8DD8 |
| Database: |
BASE |
Nájsť tento článok vo Web of Science