首页> 外文会议>Algorithms and architectures for parallel processing >A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability
【24h】

A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability

机译:具有可忽略故障能力的轻量级缓冲区溢出保护机制

获取原文
获取原文并翻译 | 示例

摘要

Buffer overflow has become a major source of network security vulnerability. Traditional schemes for detecting buffer overflow attacks usually terminate the attacked service, degrading the service availability. In this paper, we propose a lightweight buffer overflow protection mechanism that allows continued network service. The proposed mechanism allows a service program to reconfigure itself to identify and protect the vulnerable functions upon buffer overflow attacks. Protecting only the vulnerable functions, instead of the whole program, keeps the runtime overhead small. Moreover, the mechanism adopts the idea of failure-oblivious computing to allow service programs to execute through memory errors caused by the attacks once the vulnerable functions have been identified, eliminating the need of restarting the service program upon further attacks to the vulnerable functions. We have applied the mechanism on five Internet servers. The experiment results show that the mechanism has little impact on the runtime performance.
机译:缓冲区溢出已成为网络安全漏洞的主要来源。用于检测缓冲区溢出攻击的传统方案通常会终止受攻击的服务,从而降低服务的可用性。在本文中,我们提出了一种轻量级的缓冲区溢出保护机制,该机制允许持续的网络服务。所提出的机制允许服务程序重新配置自身,以在缓冲区溢出攻击时识别并保护易受攻击的功能。仅保护易受攻击的功能,而不是整个程序,可以减少运行时开销。此外,该机制采用了无故障计算的思想,以使服务程序能够在识别出易受攻击的功能后,通过由攻击引起的内存错误来执行,从而消除了在进一步攻击易受攻击的功能时重启服务程序的需求。我们已经在五台Internet服务器上应用了该机制。实验结果表明,该机制对运行时性能影响不大。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号