Run-time Detection of Heap-based Overflows. Robertson, W., Kruegel, C., Mutz, D., & Valeur, F. In Proc. of the 17th USENIX Systems Admin. Conf., pages 51--60, 2003. ![Run-time Detection of Heap-based Overflows [link]](https://bibbase.org/img/filetypes/link.svg "link")
Paper abstract bibtex Buffer overflows belong to the most common class of attacks on today's Internet. Although stack-based variants are still by far more frequent and well-understood, heap-based overflows have recently gained more attention. Several real-world exploits have been published that corrupt heap management information and allow arbitrary code execution with the privileges of the victim process.This paper presents a technique that protects the heap management information and allows for run-time detection of heap-based overflows. We discuss the structure of these attacks and our proposed detection scheme that has been implemented as a patch to the GNU Lib C. We report the results of our experiments, which demonstrate the detection effectiveness and performance impact of our approach. In addition, we discuss different mechanisms to deploy the memory protection.
@inproceedings{robertson_run-time_2003,
title = {Run-time {Detection} of {Heap}-based {Overflows}},
url = {http://portal.acm.org/citation.cfm?id=1051937.1051947},
abstract = {Buffer overflows belong to the most common class of attacks on today's Internet. Although stack-based variants are still by far more frequent and well-understood, heap-based overflows have recently gained more attention. Several real-world exploits have been published that corrupt heap management information and allow arbitrary code execution with the privileges of the victim process.This paper presents a technique that protects the heap management information and allows for run-time detection of heap-based overflows. We discuss the structure of these attacks and our proposed detection scheme that has been implemented as a patch to the GNU Lib C. We report the results of our experiments, which demonstrate the detection effectiveness and performance impact of our approach. In addition, we discuss different mechanisms to deploy the memory protection.},
urldate = {2011-05-03TZ},
booktitle = {Proc. of the 17th {USENIX} {Systems} {Admin}. {Conf}.},
author = {Robertson, William and Kruegel, Christopher and Mutz, Darren and Valeur, Fredrik},
year = {2003},
keywords = {buffer overflows, buffering, management, memory management},
pages = {51--60}
}
Downloads: 0
{"_id":"M2hPFRRgWvKWqDWeW","bibbaseid":"robertson-kruegel-mutz-valeur-runtimedetectionofheapbasedoverflows-2003","downloads":0,"creationDate":"2016-10-15T13:23:23.790Z","title":"Run-time Detection of Heap-based Overflows","author_short":["Robertson, W.","Kruegel, C.","Mutz, D.","Valeur, F."],"year":2003,"bibtype":"inproceedings","biburl":"http://bibbase.org/zotero/pentarious","bibdata":{"bibtype":"inproceedings","type":"inproceedings","title":"Run-time Detection of Heap-based Overflows","url":"http://portal.acm.org/citation.cfm?id=1051937.1051947","abstract":"Buffer overflows belong to the most common class of attacks on today's Internet. Although stack-based variants are still by far more frequent and well-understood, heap-based overflows have recently gained more attention. Several real-world exploits have been published that corrupt heap management information and allow arbitrary code execution with the privileges of the victim process.This paper presents a technique that protects the heap management information and allows for run-time detection of heap-based overflows. We discuss the structure of these attacks and our proposed detection scheme that has been implemented as a patch to the GNU Lib C. We report the results of our experiments, which demonstrate the detection effectiveness and performance impact of our approach. In addition, we discuss different mechanisms to deploy the memory protection.","urldate":"2011-05-03TZ","booktitle":"Proc. of the 17th USENIX Systems Admin. Conf.","author":[{"propositions":[],"lastnames":["Robertson"],"firstnames":["William"],"suffixes":[]},{"propositions":[],"lastnames":["Kruegel"],"firstnames":["Christopher"],"suffixes":[]},{"propositions":[],"lastnames":["Mutz"],"firstnames":["Darren"],"suffixes":[]},{"propositions":[],"lastnames":["Valeur"],"firstnames":["Fredrik"],"suffixes":[]}],"year":"2003","keywords":"buffer overflows, buffering, management, memory management","pages":"51--60","bibtex":"@inproceedings{robertson_run-time_2003,\n\ttitle = {Run-time {Detection} of {Heap}-based {Overflows}},\n\turl = {http://portal.acm.org/citation.cfm?id=1051937.1051947},\n\tabstract = {Buffer overflows belong to the most common class of attacks on today's Internet. Although stack-based variants are still by far more frequent and well-understood, heap-based overflows have recently gained more attention. Several real-world exploits have been published that corrupt heap management information and allow arbitrary code execution with the privileges of the victim process.This paper presents a technique that protects the heap management information and allows for run-time detection of heap-based overflows. We discuss the structure of these attacks and our proposed detection scheme that has been implemented as a patch to the GNU Lib C. We report the results of our experiments, which demonstrate the detection effectiveness and performance impact of our approach. In addition, we discuss different mechanisms to deploy the memory protection.},\n\turldate = {2011-05-03TZ},\n\tbooktitle = {Proc. of the 17th {USENIX} {Systems} {Admin}. {Conf}.},\n\tauthor = {Robertson, William and Kruegel, Christopher and Mutz, Darren and Valeur, Fredrik},\n\tyear = {2003},\n\tkeywords = {buffer overflows, buffering, management, memory management},\n\tpages = {51--60}\n}\n\n","author_short":["Robertson, W.","Kruegel, C.","Mutz, D.","Valeur, F."],"key":"robertson_run-time_2003","id":"robertson_run-time_2003","bibbaseid":"robertson-kruegel-mutz-valeur-runtimedetectionofheapbasedoverflows-2003","role":"author","urls":{"Paper":"http://portal.acm.org/citation.cfm?id=1051937.1051947"},"keyword":["buffer overflows","buffering","management","memory management"],"downloads":0},"search_terms":["run","time","detection","heap","based","overflows","robertson","kruegel","mutz","valeur"],"keywords":["buffer overflows","buffering","management","memory management"],"authorIDs":[],"dataSources":["QiRZ7m7shEMvADZkd"]}