Back to Search Start Over

Exploit detection based on illegal control flow transfers identification

Authors :
Ming-hua WANG
Ling-yun YING
Deng-guo FENG
Source :
Tongxin xuebao, Vol 35, Pp 20-31 (2014)
Publication Year :
2014
Publisher :
Editorial Department of Journal on Communications, 2014.

Abstract

In order to deal with exploit attacks such as APT,an approach was proposed to detect exploits based on illegal control flow transfers identification.Both static and dynamic analysis methods were performed to construct the CFSO (control flow safety outline),which was used to restrict the targets of control flow transfers occurred during the target program's running.When a call/ret/jmp was about to execute,the target was checked according to the CFSO.The illegal control flow transfer is considered as an exploit attack and all the following attacking steps could be captured.The ex-periment also showed that proposed method had decent overhead and could be applied to detect exploits online.

Subjects

Subjects :
software vulnerability
exploit
attack detection
address space layout randomization
data execution pro-tection
Telecommunication
TK5101-6720

Details

Language :
Chinese
ISSN :
1000436X
Volume :
35
Database :
Directory of Open Access Journals
Journal :
Tongxin xuebao
Publication Type :
Academic Journal
Accession number :
edsdoj.9b9a149ca504f1ab69851088bfb1657
Document Type :
article
Full Text :
https://doi.org/10.3969/j.issn.1000-436x.2014.09.003
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details