Signature-free Buffer Overflow Attack Blocker
#1

Signature-free Buffer Overflow Attack Blocker

1Xinran Wang 2Chi-Chun Pan 2Peng Liu 1
,
2Sencun Zhu
1Department of Computer Science and Engineering
2College of Information Sciences and Technology
The Pennsylvania State University, University Park, PA 16802



Abstract

We propose SigFree, a realtime, signature-free, out-ofthe- box, application layer blocker for preventing buffer overflow attacks, one of the most serious cyber security threats. SigFree can filter out code-injection buffer overflow attack messages targeting at various Internet services such as web service. Motivated by the observation that buffer overflow attacks typically contain executables whereas legitimate client requests never contain executables in most Internet services, SigFree blocks attacks by detecting the presence of code. SigFree first blindly dissembles and extracts instruction sequences from a request. It then applies a novel technique called code abstraction, which uses data flow anomaly to prune useless instructions in an instruction sequence. Finally it compares the number of useful instructions to a threshold to determine if this instruction sequence contains code. SigFree is signature free, thus it can block new and unknown buffer overflow attacks; SigFree is also immunized from most attack-side code obfuscation methods. Since SigFree is transparent to the servers being protected, it is good for economical Internet wide deployment with very low deployment and maintenance cost. We implemented and tested SigFree; our experimental study showed that SigFree could block all types of codeinjection attack packets (above 250) tested in our experiments. Moreover, SigFree causes negligible throughput degradation to normal client requests.

for more ::->

http://freepatentsonliney2008/0022405.html
Reply
#2
Respected sir,
i am doing the sigFree project. can you give some ideas about that. can you send the project design. it is very helpful to do my project.
thanking u
Reply
#3
sir,
i m doing sigfree as my final yr project, can u pls guide me in doing my project. which language is better to implement? can you send the project design. it is very helpful to do my project. send it to my mail id: santy073[at]gmail.com

Reply
#4
SigFree: A Signature-Free Buffer Overflow Attack Blocker

Prevention/Detection of Buffer Overflows
six classes of buffer overflows can be exemplified:
-Finding bugs in source code:These are due to the bugs in the source code. The bug-finding techniques belonging to the static analysis has been proposed and they have been implemented in the form of various tools.

-Compiler extensions: a developer can add buffer overflow detection
automatically to a program by using a modified compiler if the source code of the program is made available. Some of the such compilers are StackGuard , ProPolice , and Return Address Defender (RAD).

-OS modifications.: The buffer overflows can be prevented by the modification of some aspects of the OS

-Hardware modifications;: This involves storing all the return addresses in the processor. Thus, no input can change a return address.

-Defense-side obfuscation: This involves Address Space Layout
Randomization (ASLR). This can prevent the exploitation of all memory errors.

For more details on the topic, see the paper here:
http://cse.psu.edu/~szhu/papers/sigfree-journal.pdf
Reply
#5
Respected sir,
i am doing the sigFree project.can you give me full coding.can you send the project design. it is very helpful to do my project.
thanking u

Reply
#6
please give some explanation about the instruction sequence distiller in the sigfree ieee paper... please help me out
Reply
#7
sir , please can you send the explanation of the project in detail .i am doing my Master degree project with this base paper.
Reply
#8
i want implementation if sigfree :A Signature-free Buffer Overflow Attack Blocker.project..
which currently..i am doing....

will u help me please fastly..........any one.....


Reply
#9


To get more information about the topic "Signature-free Buffer Overflow Attack Blocker " please refer the page link below

http://studentbank.in/report-signature-f...ck-blocker

http://studentbank.in/report-a-signature...ull-report
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: casocde satge load buffer, mcafee buffer overflow blocked, rfid blocker, buffer overflow attack in application layer ppt, how to make blade blocker, signature buffer overflow attack source code, buffer overflow assembly,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  Multi signature smart paper boy 2 2,061 11-01-2016, 02:00 PM
Last Post: seminar report asees
  Digital Signature Full Seminar Report Download computer science crazy 20 43,689 16-09-2015, 02:51 PM
Last Post: seminar report asees
  Buffer management strategies to reduce HoL blocking summer project pal 2 2,005 12-03-2013, 04:12 PM
Last Post: Guest
  Digital Signature Guidelines Electrical Fan 1 1,704 27-11-2012, 12:06 PM
Last Post: seminar details
  Secure access system using signature verification over tablet PC project topics 1 1,766 24-10-2012, 01:27 PM
Last Post: seminar details
  Digital Signature Guidelines ( Download Full Seminar Report ) computer science crazy 1 4,993 14-02-2012, 01:28 PM
Last Post: seminar paper
  CELLULAR VIRUS ATTACK full report project topics 3 4,797 09-02-2012, 10:24 AM
Last Post: seminar addict
  Monitoring the Application Layer-DDoS Attack for Popular Websites full report project topics 12 11,282 26-01-2012, 10:17 AM
Last Post: seminar addict
  On Scalable Attack Detection in the Network project topics 0 710 02-05-2011, 09:56 AM
Last Post: project topics
  An Automated Signature-Based Approach against Polymorphic Internet Worms project topics 0 654 02-05-2011, 09:56 AM
Last Post: project topics

Forum Jump: