动态免疫软件安全漏洞的实用框架

Zhiqiang Lin, Bing Mao, Li Xie
{"title":"动态免疫软件安全漏洞的实用框架","authors":"Zhiqiang Lin, Bing Mao, Li Xie","doi":"10.1109/ARES.2006.11","DOIUrl":null,"url":null,"abstract":"Many security attacks are caused by software vulnerabilities such as buffer overflow. How to eliminate or mitigate these vulnerabilities, in particular with unstoppable software, is a great challenge for security researchers and practitioners. In this paper, we propose a practical framework to immunize software security vulnerabilities on the fly. We achieve the vulnerability immunization by using a security antibody, which can be implemented independently from the protected software and is used to defend against vulnerability exploitation attacks. And we employ in-core patching technique to attach the antibody quietly into running process, and hence we neither need to re-compile nor re-execute the protected software. The effectiveness of our framework depends on the effectiveness of the antibody that is implemented by redirecting flaw functions into secure ones. As a proof of concept, we have built a prototype and applied it to prevent the software from buffer overflow attacks. Preliminary experimental results show that our framework is practical and efficient for the dynamical immunization of software security vulnerabilities.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"479 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"A practical framework for dynamically immunizing software security vulnerabilities\",\"authors\":\"Zhiqiang Lin, Bing Mao, Li Xie\",\"doi\":\"10.1109/ARES.2006.11\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Many security attacks are caused by software vulnerabilities such as buffer overflow. How to eliminate or mitigate these vulnerabilities, in particular with unstoppable software, is a great challenge for security researchers and practitioners. In this paper, we propose a practical framework to immunize software security vulnerabilities on the fly. We achieve the vulnerability immunization by using a security antibody, which can be implemented independently from the protected software and is used to defend against vulnerability exploitation attacks. And we employ in-core patching technique to attach the antibody quietly into running process, and hence we neither need to re-compile nor re-execute the protected software. The effectiveness of our framework depends on the effectiveness of the antibody that is implemented by redirecting flaw functions into secure ones. As a proof of concept, we have built a prototype and applied it to prevent the software from buffer overflow attacks. Preliminary experimental results show that our framework is practical and efficient for the dynamical immunization of software security vulnerabilities.\",\"PeriodicalId\":106780,\"journal\":{\"name\":\"First International Conference on Availability, Reliability and Security (ARES'06)\",\"volume\":\"479 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-04-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"First International Conference on Availability, Reliability and Security (ARES'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2006.11\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"First International Conference on Availability, Reliability and Security (ARES'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2006.11","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

摘要

很多安全攻击都是由软件漏洞引起的,比如缓冲区溢出。如何消除或减轻这些漏洞,特别是不可阻挡的软件,是安全研究人员和从业人员面临的巨大挑战。在本文中,我们提出了一个实用的框架来动态免疫软件安全漏洞。我们通过使用安全抗体来实现漏洞免疫,该安全抗体可以独立于被保护的软件实现,用于防御漏洞利用攻击。我们采用核内补丁技术,将抗体悄无声息地附着到运行过程中,不需要重新编译和重新执行受保护的软件。我们的框架的有效性取决于抗体的有效性,该抗体是通过将缺陷功能重定向到安全功能来实现的。作为概念验证,我们建立了一个原型,并应用它来防止软件受到缓冲区溢出攻击。初步实验结果表明,该框架对于软件安全漏洞的动态免疫是实用有效的。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A practical framework for dynamically immunizing software security vulnerabilities
Many security attacks are caused by software vulnerabilities such as buffer overflow. How to eliminate or mitigate these vulnerabilities, in particular with unstoppable software, is a great challenge for security researchers and practitioners. In this paper, we propose a practical framework to immunize software security vulnerabilities on the fly. We achieve the vulnerability immunization by using a security antibody, which can be implemented independently from the protected software and is used to defend against vulnerability exploitation attacks. And we employ in-core patching technique to attach the antibody quietly into running process, and hence we neither need to re-compile nor re-execute the protected software. The effectiveness of our framework depends on the effectiveness of the antibody that is implemented by redirecting flaw functions into secure ones. As a proof of concept, we have built a prototype and applied it to prevent the software from buffer overflow attacks. Preliminary experimental results show that our framework is practical and efficient for the dynamical immunization of software security vulnerabilities.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Inter-domains security management (IDSM) model for IP multimedia subsystem (IMS) Securing DNS services through system self cleansing and hardware enhancements No risk is unsafe: simulated results on dependability of complementary currencies Quality of password management policy Recovery mechanism of cooperative process chain in grid
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1