flops
AI Chat

Variable Record Table: A Run-time Solution for Mitigating Buffer Overflow Attack

09/17/2019
by   Love Kumar Sah, et al.
University of South Florida
0

We present a novel approach to mitigate buffer overflow attack using Variable Record Table (VRT). Dedicated memory space is used to automatically record base and bound information of variables extracted during runtime. We instrument frame pointer and function(s) related registers to decode variable memory space in stack and heap. We have modified Simplescalar/PISA simulator to extract variables space of six (6) benchmark suites from MiBench. We have tested 290 small C programs (MIT corpus suite) having 22 different buffer overflow vulnerabilities in stack and heap. Experimental results show that our approach can detect buffer overflow attack with zero instruction overhead with the memory space requirement up to 13Kb to maintain VRT for a program with 324 variables.

READ FULL TEXT

page 1

page 2

page 3

page 4

Related Research

research
07/26/2020

IdSan: An identity-based memory sanitizer for fuzzing binaries

Most memory sanitizers work by instrumenting the program at compile time...
0 Jos Craaijo, et al.
research
05/18/2021

HeapSafe: Securing Unprotected Heaps in RISC-V

RISC-V is a promising open-source architecture primarily targeted for em...
0 Asmit De, et al.
research
12/30/2020

Stack-based Buffer Overflow Detection using Recurrent Neural Networks

Detecting vulnerabilities in software is a critical challenge in the dev...
0 William Arild Dahl, et al.
research
02/20/2021

Spotting Silent Buffer Overflows in Execution Trace through Graph Neural Network Assisted Data Flow Analysis

A software vulnerability could be exploited without any visible symptoms...
0 Zhilong Wang, et al.
research
04/21/2021

HDR-Fuzz: Detecting Buffer Overruns using AddressSanitizer Instrumentation and Fuzzing

Buffer-overruns are a prevalent vulnerability in software libraries and ...
0 Raveendra Kumar Medicherla, et al.
research
04/20/2020

S3Library: Automatically Eliminating C/C++ Buffer Overflow using Compatible Safer Libraries

Annex K of C11, bounds-checking interfaces, recently introduced a set of...
0 Kang Sun, et al.
research
07/20/2017

VoiceLoop: Voice Fitting and Synthesis via a Phonological Loop

We present a new neural text to speech (TTS) method that is able to tran...
0 Yaniv Taigman, et al.

Please sign up or login with your details

Forgot password? Click here to reset

Become a DeepAI PRO

$4.99/mo
500 AI generator calls per month + $5 per 500 more (includes images)
1750 AI Chat messages per month + $5 per 1750 more
60 Genius Mode messages per month + $5 per 60 more
HD image generator access
Private image generation
Complete styles library
API access
Ad-free experience
*
This is a recurring payment that will happen monthly
*
If you exceed number of images or messages listed, they will be charged at a rate of $5

Pay as you go

Starting at $5 for
100 AI Generator Calls (includes images)
350 AI Chat messages
Does not include Genius Mode
HD image generator access
Private image generation
Complete styles library
API access
Ad-free experience

Out of credits

Your DeepAI PRO account is out of credits - your current balance is $-0.50
Please refill your account to continue using DeepAI PRO.

SHARE