Your search keyword '"Buffer overflow"' showing total 19 results

1. A buffer overflow detection and defense method based on RISC-V instruction set extension.

Author

Liu, Chang, Wu, Yan-Jun, Wu, Jing-Zheng, and Zhao, Chen

Subjects

COMPUTER operating system security measures, PROBLEM solving, BUFFER solutions, SYSTEMS development, SECURITY systems

Abstract

Buffer overflow poses a serious threat to the memory security of modern operating systems. It overwrites the contents of other memory areas by breaking through the buffer capacity limit, destroys the system execution environment, and provides implementation space for various system attacks such as program control flow hijacking. That makes it a wide range of harms. A variety of security technologies have been proposed to deal with system security problems including buffer overflow. For example, No eXecute (NX for short) is a memory management technology commonly used in Harvard architecture. It can refuse the execution of code which residing in a specific memory, and can effectively suppress the abnormal impact of buffer overflow on control flow. Therefore, in recent years, it has also been used in the field of system security, deriving a series of solutions based on NX technology, such as ExecShield, DEP, StackGuard, etc. However, these security solutions often rely too much on the processor architecture so that the protection coverage is insufficient and the accuracy is limited. Especially in the emerging system architecture field represented by RISC-V, there is still a lack of effective solutions for buffer overflow vulnerabilities. With the continuous rapid development of the system architecture, it is urgent to develop defense methods that are applicable to different system application environments and oriented to all executable memory spaces to meet the needs of system security development. Therefore, we propose BOP, A new system memory security design method based on RISC-V extended instructions, to build a RISC-V buffer overflow detection and defense system and deal with the buffer overflow threat in RISC-V. According to this method, NX technology can be combined with program control flow analysis, and NX bit mechanism can be used to manage the executability of memory space, so as to achieve a more granular detection and defense of buffer overflow attacks that may occur in RISC-V system environment. In addition, The memory management and control function of BOP is not only very suitable for solving the security problems in the existing single architecture system, but also widely applicable to the combination of multiple heterogeneous systems. [ABSTRACT FROM AUTHOR]

Published

2023

2. Priority based data gathering using multiple mobile sinks in cluster based UWSNs for oil pipeline leakage detection.

Author

Goyal, Nitin, Kumar, Ashok, Popli, Renu, Awasthi, Lalit Kumar, Sharma, Nonita, and Sharma, Gaurav

Subjects

*LEAK detection, *PETROLEUM pipelines, *BASE oils, *WIRELESS sensor networks, *DATABASES

Abstract

Energy efficient and completely reliable data gathering in resource constrained sparse Underwater Wireless Sensor Networks (UWSNs) is challenging and requires dedicated routing techniques. Routing having mobility assistance employs a Mobile Sink (MS) or a mobile relay for data gathering. It mitigates transmission power consumption as well as relaying overhead. But multiple MSs should be deployed in order to reduce the load of a single MS. The visiting schedule of each MS should consider the priority of data, data gathering delay and buffer overflow of each sensor. In order to address these issues, a priority-based data gathering scheme using multiple MSs for clustered UWSN is proposed to help in pipeline leakage detection under the water. In this work, each MS is deployed in such a way so that it can move in both the directions i.e., top to bottom or bottom to top. When a Cluster Head (CH) receives critical data, it sends an emergency notification to the nearest MS via other CHs. Upon receiving the emergency notification, MS immediately visits that CH to gather the critical data (oil leakage). [ABSTRACT FROM AUTHOR]

Published

2022

3. Automatic Buffer Overflow Warning Validation.

Author

Gao, Feng-Juan, Wang, Yu, Wang, Lin-Zhang, Yang, Zijiang, and Li, Xuan-Dong

Subjects

COMBINED sewer overflows, WARNINGS, SOURCE code

Abstract

Static buffer overflow detection techniques tend to report too many false positives fundamentally due to the lack of software execution information. It is very time consuming to manually inspect all the static warnings. In this paper, we propose BovInspector, a framework for automatically validating static buffer overflow warnings and providing suggestions for automatic repair of true buffer overflow warnings for C programs. Given the program source code and the static buffer overflow warnings, BovInspector first performs warning reachability analysis. Then, BovInspector executes the source code symbolically under the guidance of reachable warnings. Each reachable warning is validated and classified by checking whether all the path conditions and the buffer overflow constraints can be satisfied simultaneously. For each validated true warning, BovInspector provides suggestions to automatically repair it with 11 repair strategies. BovInspector is complementary to prior static buffer overflow discovery schemes. Experimental results on real open source programs show that BovInspector can automatically validate on average 60% of total warnings reported by static tools. [ABSTRACT FROM AUTHOR]

Published

2020

4. SSPFA: effective stack smashing protection for Android OS.

Author

Marco-Gisbert, Héctor and Ripoll-Ripoll, Ismael

Subjects

*ARCHITECTURE, *SECURITIES

Abstract

In this paper, we detail why the stack smashing protector (SSP), one of the most effective techniques to mitigate stack buffer overflow attacks, fails to protect the Android operating system and thus causes a false sense of security that affects all Android devices. We detail weaknesses of existing SSP implementations, revealing that current SSP is not secure. We propose SSPFA, the first effective and practical SSP for Android devices. SSPFA provides security against stack buffer overflows without changing the underlying architecture. SSPFA has been implemented and tested on several real devices showing that it is not intrusive, and it is binary-compatible with Android applications. Extensive empirical validation has been carried out over the proposed solution. [ABSTRACT FROM AUTHOR]

Published

2019

5. Traffic-aware Cooperative Binary Exponential Backoff Algorithm for Low Power and Lossy Networks.

Author

Hussen, Hassen, Teja, Chekka, Miao, Ting, Kim, Kangseok, and Kim, Ki-Hyung

Subjects

CARRIER sense multiple access, MULTIPLE access protocols (Computer network protocols), COMPUTER network protocols, NETWORK routing protocols, COMPUTER algorithms

Abstract

In Low Power and Lossy Networks (LLNs), not only the transmission qualities between a sender and a receiver, but also the channel contention and resource limitations at the receiver side should be considered. Providing efficient backoff mechanism against channel access collision problem in low-power, low-cost and low data rate networks has received a lot of attention from many researchers in the field. In such networks, the IEEE 802.15.4 Medium Access Control protocol CSMA/CA uses Binary Exponential Backoff (BEB) algorithm to address the channel collision problem. Though BEB reduces collision on the multiple channel access, there is still a high packet drop probability due to the buffer limitation on the receiving node. To overcome this problem, this paper focuses on the BEB issues for LLNs and targets on RPL, which is one of the most popular cooperative routing protocols in LLNs. In RPL, it is not uncommon to have a node with relatively higher traffic than neighbor nodes because children nodes have a tendency to select a good routing metric node as a parent. If traffic concentrates on a good quality parent, it becomes inevitable to get packet loss due to the buffer overflow and channel collision. In this paper we have proposed a Traffic-aware cooperative Binary Exponential Backoff (TBEB) algorithm for LLNs with RPL routing protocol. TBEB handles the multiple channel access issue in such a way that it avoids not only the collision at the sender (child node) side but also the buffer overflow at the receiver (parent node) side without degrading the channel utilization and the throughput efficiency. MATLAB simulator is used to evaluate the performance of the proposed scheme and then compare the result with BEB and Improved BEB. Simulation results show that the TBEB algorithm improves the throughput while minimizing packet discard counts and the channel collision through maintaining good channel utilization. [ABSTRACT FROM AUTHOR]

Published

2016

6. Modeling the search for vulnerabilities via the fuzzing method using an automation representation of network protocols.

Author

Pechenkin, A. and Lavrova, D.

Abstract

Currently, fuzzing is one of the most popular methods of revealing security problems of programs, information systems, network protocols, and web resources. A formal description of network protocols as a set of the processes of switching between states has been proposed, as well as an approach to fuzzing process modeling that allows one to detect network protocol vulnerabilities based on input data generation and the analysis of network protocol process states. [ABSTRACT FROM AUTHOR]

Published

2015

7. Power and Buffer Overflow Optimization in Wireless Sensor Nodes.

Author

Joshi, Gauri, Dwivedi, Sudhanshu, Goel, Anshul, Mulherkar, Jaideep, and Ranjan, Prabhat

Abstract

Prolonging the life span of the network is the prime focus in highly energy constrained wireless sensor networks. Sufficient number of active nodes can only ensure proper coverage of the sensing field and connectivity of the network. If most of the nodes get their batteries depleted then it is not possible to maintain the network. In order to have long lived network it is mandatory to have long lived sensor nodes and hence power optimization at node level becomes equally important as power optimization at network level. In this paper need for a dynamically adaptive sensor node is signified in order to optimize power at individual nodes. We have analyzed a wireless sensor node using queuing theory. A sensor node is looked upon as a tandem queue in which first server is the processor or micro controller and the second server in series is the transmitter. Both the servers have finite and very small buffers associated with them as the sensor nodes are tiny devices and have very limited hardware. In this paper we have analyzed and simulated sensor node models. First we have considered a sensor node working with fixed service rate (processing rate and transmission rate). Secondly we have considered an adaptive sensor node which is capable of varying its service rates as per the requirement and ensure the quality of service. We have simulated both the models using MATLAB and compared their performances like life time, power consumption, buffer overflow probability and idle time etc. We have compared the performances of both the models under normal work loads as well as when the catastrophe (heavy wok load) occurs. In both the situations an adaptive service model out performs the fixed service model as it saves the power during normal period and increases the lifetime and during catastrophe period it consumes more power but ensures the QoS (Quality of Service) by reducing the overflow probability. [ABSTRACT FROM AUTHOR]

Published

2011

8. BuBBle: A Javascript Engine Level Countermeasure against Heap-Spraying Attacks.

Author

Gadaleta, Francesco, Younan, Yves, and Joosen, Wouter

Abstract

Web browsers that support a safe language such as Javascript are becoming a platform of great interest for security attacks. One such attack is a heap-spraying attack: a new kind of attack that combines the notoriously hard to reliably exploit heap-based buffer overflow with the use of an in-browser scripting language for improved reliability. A typical heap-spraying attack allocates a high number of objects containing the attacker΄s code on the heap, dramatically increasing the probability that the contents of one of these objects is executed. In this paper we present a lightweight approach that makes heap-spraying attacks in Javascript significantly harder. Our prototype, which is implemented in Firefox, has a negligible performance and memory overhead while effectively protecting against heap-spraying attacks. [ABSTRACT FROM AUTHOR]

Published

2010

9. Arrival Process-Controlled Adaptive Media Playout for Video Streaming.

Author

Li, Mingfu and Cheng, Shih-Han

Abstract

To enhance the video quality of multimedia streaming services, an Adaptive Media Playout (AMP) mechanism is designed in this study. The proposed AMP mechanism sets two threshold values, denoted as L and H, for the playout controller to dynamically adjust the playout rate according to the number of buffered packets. When the number of buffered packets is below L or over H, the playout rate will slow down or speed up quadratically. While the number of buffered packets is between L and H, the playback speed is determined based on the instant packet arrival rate, which is estimated by the proposed Arrival Process Tracking Algorithm (APTA). We employ computer simulations to demonstrate the performance of our proposed AMP scheme, and compare it with conventional AMP mechanisms. Numerical results show that our AMP design can reduce both buffer underflow and buffer overflow probabilities, and is superior to conventional AMP approaches. [ABSTRACT FROM AUTHOR]

Published

2009

10. Security Assessment Framework Using Static Analysis and Fault Injection.

Author

Kang, Hyungwoo

Abstract

For large scale and residual software like network service, reliability is a critical requirement. Recent research has shown that most of network software still contains a number of bugs. Methods for automated detection of bugs in software can be classified into static analysis based on formal verification and runtime checking based on fault injection. In this paper, a framework for checking software security vulnerability is proposed. The framework is based on automated bug detection technologies, i.e. static analysis and fault injection, which are complementary each other. The proposed framework provides a new direction, in which various kinds of software can be checked its vulnerability by making use of static analysis and fault injection technology. In experiment on proposed framework, we find unknown vulnerability as well as known vulnerability in Windows network module. [ABSTRACT FROM AUTHOR]

Published

2008

11. Data Space Randomization.

Author

Bhatkar, Sandeep and Sekar, R.

Abstract

Over the past several years, US-CERT advisories, as well as most critical updates from software vendors, have been due to memory corruption vulnerabilities such as buffer overflows, heap overflows, etc. Several techniques have been developed to defend against the exploitation of these vulnerabilities, with the most promising defenses being based on randomization. Two randomization techniques have been explored so far: address space randomization (ASR) that randomizes the location of objects in virtual memory, and instruction set randomization (ISR) that randomizes the representation of code. We explore a third form of randomization called data space randomization (DSR) that randomizes the representation of data stored in program memory. Unlike ISR, DSR is effective against non-control data attacks as well as code injection attacks. Unlike ASR, it can protect against corruption of non-pointer data as well as pointer-valued data. Moreover, DSR provides a much higher range of randomization (typically 232 for 32-bit data) as compared to ASR. Other interesting aspects of DSR include (a) it does not share a weakness common to randomization-based defenses, namely, susceptibility to information leakage attacks, and (b) it is capable of detecting some exploits that are missed by full bounds-checking techniques, e.g., some of the overflows from one field of a structure to the next field. Our implementation results show that with appropriate design choices, DSR can achieve a performance overhead in the range of 5% to 30% for a range of programs. [ABSTRACT FROM AUTHOR]

Published

2008

12. Return Address Randomization Scheme for Annuling Data-Injection Buffer Overflow Attacks.

Author

Kim, Deok Jin, Kim, Tae Hyung, Kim, Jong, and Hong, Sung Je

Abstract

Buffer overflow(BOF) has been the most common form of vulnerability in software systems today, and many methods exist to defend software systems against BOF attacks. Among them, the instruction set randomization scheme, which makes attacker not to know the specific instruction set of the target machine, is the most promising defense scheme because it defends all typical code-injection BOF attacks. However, this defense scheme can not cover data-injection BOF attacks like return-into-libc attacks. In order to defend against the data-injection BOF attacks as well as the code-injection BOF attacks, we propose an enhanced defense scheme randomizing not only the instruction sets but also the return addresses. Implementation results show that the proposed scheme can defend software systems against data-injection BOF attacks as well as code-injection BOF attacks without significant extra overheads. [ABSTRACT FROM AUTHOR]

Published

2006

13. Arrival process-controlled adaptive media playout with multiple thresholds for video streaming.

Author

Li, Mingfu, Lin, Tsung-Wei, and Cheng, Shih-Han

Subjects

*STREAMING technology, *STREAMING video & television, *BUFFER storage (Computer science), *ELECTRIC distortion, *IMAGE processing

Abstract

To improve the playout quality of video streaming services, an arrival process-controlled adaptive media playout (AMP) mechanism is designed in this study. The proposed AMP scheme sets three threshold values, denoted by P, L and H, for the playout controller to start playback and dynamically adjust the playout rate based on the buffer fullness. In the preroll period, the playout can start only when the buffer fullness n is not less than the dynamic playback threshold P, which is determined by the jitters of incoming video frames. In the playback period, if the buffer fullness is below L or over H, the playout rate will slow down or speed up in a quadratic manner. Otherwise, the playback speed depends on the instantaneous frame arrival rate, which is estimated by the proposed arrival process tracking algorithm. We employ computer simulations to demonstrate the performance of the proposed AMP scheme, and compare it with several conventional AMP mechanisms. Numerical results show that our AMP design can shorten the playout delay and reduce both buffer underflow and overflow probabilities. In addition, our proposed AMP also outperforms traditional AMP schemes in terms of the variance of distortion of playout and the playout curve. Hence, the proposed arrival process-controlled AMP is really an outstanding design. [ABSTRACT FROM AUTHOR]

Published

2012

14. Protecting against address space layout randomisation (ASLR) compromises and return-to-libc attacks using network intrusion detection systems.

Author

Day, David and Zhao, Zheng-Xu

Abstract

Writable XOR executable (W⊕X) and address space layout randomisation (ASLR) have elevated the understanding necessary to perpetrate buffer overflow exploits[1]. However, they have not proved to be a panacea[1-3], and so other mechanisms, such as stack guards and prelinking, have been introduced. In this paper, we show that host-based protection still does not offer a complete solution. To demonstrate the protection inadequacies, we perform an over the network brute force return-to-libc attack against a preforking concurrent server to gain remote access to a shell. The attack defeats host protection including W⊕X and ASLR. We then demonstrate that deploying a network intrusion detection systems (NIDS) with appropriate signatures can detect this attack efficiently. [ABSTRACT FROM AUTHOR]

Published

2011

15. A Simple Superposition Coding Scheme for Optimizing Resource Allocation in Downlink OFDMA Systems.

Author

Najeh, Sameh and Besbes, Hichem

Subjects

ORTHOGONAL frequency division multiplexing, ENCODING, RESOURCE allocation, TIME division multiple access, ERROR rates

Abstract

In this paper, we propose to apply a simple superposition coding strategy for downlink of OFDMA systems. The novelty of this paper consists on allowing at most two users to share the same subchannel. The main idea is to consider the subchannels allocated to the users with the weakest link, and allow these subchannels to be shared by some potential users who can transmit some number of bits with only a small amount of power. To decrease the overhead of the proposed OFDMA system, we restrict to use a predetermined superposition encoding|decoding scheme. We address the problem of resource allocation, which consists on finding the optimal subchannel assignment in the OFDMA system. A low complexity algorithm, denoted Share Specific Subcarrier Allocation (SSSA) is then proposed. It offers a fairness allocation among users. This can be done by taking into account all user's buffer states information. Simulation results confirm that the proposed technique outperforms the classical algorithms in terms of total throughput and dropping probability. [ABSTRACT FROM AUTHOR]

Published

2011

16. Overflow and losses in a network queue with a self-similar input.

Author

Tsybakov, Boris and Georganas, Nicolas

Abstract

This paper considers a discrete time queuing system that models a communication network multiplexer which is fed by a self-similar packet traffic. The model has a finite buffer of size h, a number of servers with unit service time, and an input traffic which is an aggregation of independent source-active periods having Pareto-distributed lengths and arriving as Poisson batches. The new asymptotic upper and lower bounds to the buffer-overflow and packet-loss probabilities P are obtained. The bounds give an exact asymptotic of log P/log h when h → to ∞. These bounds decay algebraically slow with buffer-size growth and exponentially fast with excess of channel capacity over traffic rate. Such behavior of the probabilities shows that one can better combat traffic losses in communication networks by increasing channel capacity rather than buffer size. A comparison of the obtained bounds and the known upper and lower bounds is done. [ABSTRACT FROM AUTHOR]

Published

2000

17. Chernoff bounds for mean overflow rates.

Author

Majewski, Kurt

Abstract

A number of independent traffic streams arrive at a queueing node which provides a finite buffer and a non-idling service at constant rate. Customers which arrive when the buffer is full are dropped and counted as overflows. We present Chernoff type bounds for mean overflow rates in the form of finite-dimensional minimization problems. The results are based on bounds for moment generating functions of buffer and bandwidth usage of the individual streams in an infinite buffer with constant service rate. We calculate these functions for regulated, Poisson and certain on/off sources. The achievable statistical multiplexing gain and the tightness of the bounds are demonstrated by several numerical examples. [ABSTRACT FROM AUTHOR]

Published

2000

18. Telecommunication traffic, queueing models, and subexponential distributions.

Author

Greiner, Michael, Jobmann, Manfred, and Klüppelberg, Claudia

Abstract

This article reviews various models within the queueing framework which have been suggested for teletraffic data. Such models aim to capture certain stylised features of the data, such as variability of arrival rates, heavy-tailedness of on- and off-periods and long-range dependence in teletraffic transmission. Subexponential distributions constitute a large class of heavy-tailed distributions, and we investigate their (sometimes disastrous) influence within teletraffic models. We demonstrate some of the above effects in an explorative data analysis of Munich Universities’ intranet data. [ABSTRACT FROM AUTHOR]

Published

1999

19. Optimal trajectory to overflow in a queue fed by a large number of sources.

Author

Mandjes, Michel and Ridder, Ad

Abstract

We analyse the deviant behavior of a queue fed by a large number of traffic streams. In particular, we explicitly give the most likely trajectory (or ‘optimal path’) to buffer overflow, by applying large deviations techniques. This is done for a broad class of sources, consisting of Markov fluid sources and periodic sources. Apart from a number of ramifications of this result, we present guidelines for the numerical evaluation of the optimal path. [ABSTRACT FROM AUTHOR]

Published

1999