Mitigating Use-After-Free Attack with Application Program Loader

机译：通过应用程序加载程序缓解免费使用后攻击

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

In the area of software security, use-after-free vulnerabilities have been reported since 2006. When the target vulnerable application is run, the attack exploits a dangling pointer after the heap memory is released. Until today, use-after-free attacks have been frequently reported in popular software such as browsers. This is a serious software security problem because a use-after-free attack allows an attacker to execute an arbitrary code to hijack an application control flow or to force a system crash. Some countermeasures have been proposed to thwart such attacks. However, most of these countermeasures have some problems such as the necessity of a source code or the problem of dependency. In this paper, we propose and evaluate the implementation of an application-level program loader to mitigate the use-after-free attack.

机译：在软件安全领域，自2006年以来，已经报告过使用后使用漏洞。当目标易受攻击的应用程序运行时，攻击将在释放堆内存后利用悬挂指针。直到今天，在流行的软件（如浏览器）中，经常有使用后使用的攻击的报道。这是一个严重的软件安全问题，因为“用后使用”攻击使攻击者可以执行任意代码来劫持应用程序控制流或迫使系统崩溃。已经提出了一些阻止这种攻击的对策。但是，这些对策中的大多数都有一些问题，例如需要源代码或依赖问题。在本文中，我们提出并评估了应用程序级程序加载器的实现，以减轻无用后攻击。

著录项

来源
《IEEE International Conference on Advanced Information Networking and Applications》|2017年|919-924|共6页
会议地点
作者
Takamichi Saito; Shuta Kondo; Hiroyuki Miyazaki; Wang Bing; Ryohei Watanabe; Ryota Sugawara; Masateru Yokoyama;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Libraries; Ground penetrating radar; Geophysical measurement techniques; Standards; Security; Linux; Memory management;

机译：图书馆;探地雷达;地球物理测量技术;标准;安全性; Linux;内存管理;

相似文献

外文文献
中文文献
专利

1. Mitigating Use-After-Free Attacks Using Memory-Reuse-Prohibited Library [J] . Toshihiro YAMAUCHI, Yuta IKEGAMI, Yuya BAN IEICE transactions on information and systems . 2017,第10期

机译：使用禁止内存重用的库减轻释放后使用的攻击
2. Assessment of the approved Risk Evaluation and Mitigation Strategy programs for New Drug Applications and Biologics Licensing Applications [J] . Johnson Nina A., Priefer Ronny Regulatory Toxicology and Pharmacology: RTP . 2019,第期

机译：评估新药物应用和生物制剂许可申请的批准风险评估和缓解战略方案
3. Development of field programmable gate array–based encryption module to mitigate man-in-the-middle attack for nuclear power plant data communication network [J] . Mohamed Abdallah Elakrat, Jae Cheon Jung Nuclear engineering and technology . 2018,第5期

机译：开发基于现场可编程门阵列的加密模块，以减轻核电厂数据通信网络的中间人攻击
4. Mitigating Use-After-Free Attack with Application Program Loader [C] . Takamichi Saito, Shuta Kondo, Hiroyuki Miyazaki, IEEE International Conference on Advanced Information Networking and Applications . 2017

机译：使用Application Program Loader缓解使用欠缺的攻击
5. A novel puzzle-based framework for mitigating distributed denial of service attacks against internet applications [D] . Abliz, Mehmud 2015

机译：一个新颖的基于拼图的框架，用于缓解针对Internet应用程序的分布式拒绝服务攻击
6. From fatalism to mitigation: a conceptual framework for mitigating fetal programming of chronic disease by maternal obesity [O] . Janne Boone-Heinonen, Lynne C. Messer, Stephen P. Fortmann, -1

机译：从宿命论到缓解：缓解孕产妇肥胖引起的慢性疾病胎儿编程的概念框架
7. Mitigating Use-After-Free Attacks Using Memory-Reuse-Prohibited Library [O] . Toshihiro YAMAUCHI, Yuta IKEGAMI, Yuya BAN 2017

机译：使用内存重用禁止的库缓解使用缺失的攻击

Mitigating Use-After-Free Attack with Application Program Loader

摘要

著录项

相似文献

相关主题

期刊订阅