On the Effectiveness of NX, SSP, RenewSSP, and ASLR against Stack Buffer Overflows
Stack Smashing Protector (SSP), Address-Space Layout Randomization (ASLR) and Non-executable (NX) are techniques for defending systems against buffer overflow attacks but not limited to them. These mechanism are available in modern operating systems like Android, GNU/Linux and Windows. Unfortunately...
Gespeichert in:
| Veröffentlicht in: | 2014 IEEE 13th International Symposium on Network Computing and Applications S. 145 - 152 |
|---|---|
| Hauptverfasser: | , |
| Format: | Tagungsbericht |
| Sprache: | Englisch |
| Veröffentlicht: |
IEEE
01.08.2014
|
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Abstract | Stack Smashing Protector (SSP), Address-Space Layout Randomization (ASLR) and Non-executable (NX) are techniques for defending systems against buffer overflow attacks but not limited to them. These mechanism are available in modern operating systems like Android, GNU/Linux and Windows. Unfortunately, to keep up with the rapidly evolving landscape of cyber-security it is necessary to reassess the effectiveness of these protection techniques to avoid a false sense of security. This paper assess the effectiveness of these techniques against stack buffer overflow exploitation. Our study indicates that the SSP technique is the most effective against stack buffer overflows. On forking servers, the ASLR technique is almost useless on 32-bit architectures due to the limited entropy provided by the size of the address space. The recently proposed technique Renew SSP, which is an improvement of the well known SSP, outperforms the original SSP in all the cases, it is highly effective against the dangerous byte-for-byte attack and on systems with low secret entropy as x86 and ARM. |
|---|---|
| AbstractList | Stack Smashing Protector (SSP), Address-Space Layout Randomization (ASLR) and Non-executable (NX) are techniques for defending systems against buffer overflow attacks but not limited to them. These mechanism are available in modern operating systems like Android, GNU/Linux and Windows. Unfortunately, to keep up with the rapidly evolving landscape of cyber-security it is necessary to reassess the effectiveness of these protection techniques to avoid a false sense of security. This paper assess the effectiveness of these techniques against stack buffer overflow exploitation. Our study indicates that the SSP technique is the most effective against stack buffer overflows. On forking servers, the ASLR technique is almost useless on 32-bit architectures due to the limited entropy provided by the size of the address space. The recently proposed technique Renew SSP, which is an improvement of the well known SSP, outperforms the original SSP in all the cases, it is highly effective against the dangerous byte-for-byte attack and on systems with low secret entropy as x86 and ARM. |
| Author | Gisbert, Hector Marco Ripoll, Ismael |
| Author_xml | – sequence: 1 givenname: Hector Marco surname: Gisbert fullname: Gisbert, Hector Marco email: hecmargi@upv.es organization: Dept. de Inf. de Sist. y Comput., Univ. Politec. de Valencia, Valencia, Spain – sequence: 2 givenname: Ismael surname: Ripoll fullname: Ripoll, Ismael email: iripoll@upv.es organization: Dept. de Inf. de Sist. y Comput., Univ. Politec. de Valencia, Valencia, Spain |
| BookMark | eNotjM1KxDAYRSMoqGNXLt3kAaY1X5PmZ1nL-ANlKq2CuyFpv2hxbKWpM_j2DurqHg6ce06Oh3FAQi6BJQDMXK-LPEkZiCTVRyQySoNQxmTccHlKohB6x1KppBAKzkhdDXR-Q7ryHtu53-GAIdDR0_XLkjbN45LWB7X_JTt0NG_KmtpX2w9hps1s23d683VoJ1rtcPLbcR8uyIm324DR_y7I8-3qqbiPy-ruocjLuAeVzbGGTGe609yxlkEqfIbO8c65TlkjnDACMwdOW66VBM-dBYed7lpgiEZKviBXf789Im4-p_7DTt8baVKRguE_rvVNkw |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/NCA.2014.28 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Xplore IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781479953936 1479953938 147995392X 9781479953929 |
| EndPage | 152 |
| ExternalDocumentID | 6924219 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL ALMA_UNASSIGNED_HOLDINGS CBEJK RIB RIC RIE RIL |
| ID | FETCH-LOGICAL-i175t-815858d83b0c0124f5ebb3dbbd7a94b494e5b1b8a38761f3ba1bed8dc10ee9663 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 17 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000355261300024&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Dec 20 05:18:27 EST 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-815858d83b0c0124f5ebb3dbbd7a94b494e5b1b8a38761f3ba1bed8dc10ee9663 |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_6924219 |
| PublicationCentury | 2000 |
| PublicationDate | 2014-Aug. |
| PublicationDateYYYYMMDD | 2014-08-01 |
| PublicationDate_xml | – month: 08 year: 2014 text: 2014-Aug. |
| PublicationDecade | 2010 |
| PublicationTitle | 2014 IEEE 13th International Symposium on Network Computing and Applications |
| PublicationTitleAbbrev | NCA |
| PublicationYear | 2014 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssib026764471 |
| Score | 1.6526089 |
| Snippet | Stack Smashing Protector (SSP), Address-Space Layout Randomization (ASLR) and Non-executable (NX) are techniques for defending systems against buffer overflow... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 145 |
| SubjectTerms | Computer crashes Entropy Force Layout Libraries Payloads Servers |
| Title | On the Effectiveness of NX, SSP, RenewSSP, and ASLR against Stack Buffer Overflows |
| URI | https://ieeexplore.ieee.org/document/6924219 |
| WOSCitedRecordID | wos000355261300024&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEJ4A8eBJDRjf6cEjBfbBtj2ikXgwCwFNuJE-DdHsGljk7zvdXdGDFy9N00ObTCfzzbQz8wHcCsRtNdCSSrxTivGXplIyRkPmQhv5pMrQlGQTLE35YiGmDejua2GstWXyme35afmXb3K99U9l_UT4D0zRhCZjrKrV-tadEHeN0dDWJXjBQPTT-5FP3Yp7nmn9F3VKiRzjo_-deQydnxI8Mt2Dywk0bNaG2SQj6LCRquVwbadI7ki66JL5fNolM1zalTOZGTKaP82IfMXgf1MQdCv1G7nbekIUMkENdu_5btOBl_HD8_0jrUkR6AqRvqA8QAefGx6hhBFcYje0SkVGKcOkiFUsYjtUgeIyQjsXuEjJQFnDjQ4G1mJsE51CK8szewYE7YvzzXNCm4hYO99JL3EsUdwlQxz0ObS9PJYfVd-LZS2Ki7-XL-HQS7tKjruCVrHe2ms40J_FarO-KS_rC46flQo |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LTwIxEJ4gmuhJDRjf9uCRBXa3--gRiQQjLgQw4Ub6NESzGFjk7zvdXR8HL16aSQ9tMm3mm2ln5gO4ZYjboi25w_FMHYy_pMN5FDleZDzt26RKT-VkE1GSxLMZG1Wg8V0Lo7XOk89004r5X75ayo19KmuFzH5gsh3YDSgKRbXW1-3xcF2KprYswnPbrJV0OzZ5izYt1_ov8pQcO3qH_9v1COo_RXhk9A0vx1DRaQ3Gw5Sgy0aKpsOlpSJLQ5JZg0wmowYZ49Q2l3iqSGcyGBP-guH_OiPoWMpXcrexlChkiHfYvC236zo89-6n3b5T0iI4C8T6zIlddPFjFfuoY4QXagIthK-EUBFnVFBGdSBcEXMfLZ1rfMFdoVWspNvWGqMb_wSq6TLVp0DQwhjbPsfTIaPS2F56oYlCEZswwEGeQc3qY_5edL6Yl6o4_3v6Bvb706fBfPCQPF7AgdV8kSp3CdVstdFXsCc_ssV6dZ0f3CeBFphR |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2014+IEEE+13th+International+Symposium+on+Network+Computing+and+Applications&rft.atitle=On+the+Effectiveness+of+NX%2C+SSP%2C+RenewSSP%2C+and+ASLR+against+Stack+Buffer+Overflows&rft.au=Gisbert%2C+Hector+Marco&rft.au=Ripoll%2C+Ismael&rft.date=2014-08-01&rft.pub=IEEE&rft.spage=145&rft.epage=152&rft_id=info:doi/10.1109%2FNCA.2014.28&rft.externalDocID=6924219 |