Posts: 2,300
Threads: 878
Joined: Sep 2010
Signature-free Buffer Overflow Attack Blocker
1Xinran Wang 2Chi-Chun Pan 2Peng Liu 1
,
2Sencun Zhu
1Department of Computer Science and Engineering
2College of Information Sciences and Technology
The Pennsylvania State University, University Park, PA 16802
Abstract
We propose SigFree, a realtime, signature-free, out-ofthe- box, application layer blocker for preventing buffer overflow attacks, one of the most serious cyber security threats. SigFree can filter out code-injection buffer overflow attack messages targeting at various Internet services such as web service. Motivated by the observation that buffer overflow attacks typically contain executables whereas legitimate client requests never contain executables in most Internet services, SigFree blocks attacks by detecting the presence of code. SigFree first blindly dissembles and extracts instruction sequences from a request. It then applies a novel technique called code abstraction, which uses data flow anomaly to prune useless instructions in an instruction sequence. Finally it compares the number of useful instructions to a threshold to determine if this instruction sequence contains code. SigFree is signature free, thus it can block new and unknown buffer overflow attacks; SigFree is also immunized from most attack-side code obfuscation methods. Since SigFree is transparent to the servers being protected, it is good for economical Internet wide deployment with very low deployment and maintenance cost. We implemented and tested SigFree; our experimental study showed that SigFree could block all types of codeinjection attack packets (above 250) tested in our experiments. Moreover, SigFree causes negligible throughput degradation to normal client requests.
for more ::->
http://freepatentsonliney2008/0022405.html
Posts: 2
Threads: 1
Joined: Mar 2010
Respected sir,
i am doing the sigFree project. can you give some ideas about that. can you send the project design. it is very helpful to do my project.
thanking u
Posts: 1
Threads: 0
Joined: Jan 2011
sir,
i m doing sigfree as my final yr project, can u pls guide me in doing my project. which language is better to implement? can you send the project design. it is very helpful to do my project. send it to my mail id: santy073[at]gmail.com
Posts: 307
Threads: 112
Joined: Jan 2011
SigFree: A Signature-Free Buffer Overflow Attack Blocker
Prevention/Detection of Buffer Overflows
six classes of buffer overflows can be exemplified:
-Finding bugs in source code:These are due to the bugs in the source code. The bug-finding techniques belonging to the static analysis has been proposed and they have been implemented in the form of various tools.
-Compiler extensions: a developer can add buffer overflow detection
automatically to a program by using a modified compiler if the source code of the program is made available. Some of the such compilers are StackGuard , ProPolice , and Return Address Defender (RAD).
-OS modifications.: The buffer overflows can be prevented by the modification of some aspects of the OS
-Hardware modifications;: This involves storing all the return addresses in the processor. Thus, no input can change a return address.
-Defense-side obfuscation: This involves Address Space Layout
Randomization (ASLR). This can prevent the exploitation of all memory errors.
For more details on the topic, see the paper here:
http://cse.psu.edu/~szhu/papers/sigfree-journal.pdf
Posts: 1
Threads: 0
Joined: Feb 2011
Respected sir,
i am doing the sigFree project.can you give me full coding.can you send the project design. it is very helpful to do my project.
thanking u
Posts: 1
Threads: 0
Joined: Apr 2011
please give some explanation about the instruction sequence distiller in the sigfree ieee paper... please help me out
Posts: 2
Threads: 1
Joined: Jul 2011
sir , please can you send the explanation of the project in detail .i am doing my Master degree project with this base paper.
Posts: 1
Threads: 0
Joined: Aug 2011
i want implementation if sigfree :A Signature-free Buffer Overflow Attack Blocker.project..
which currently..i am doing....
will u help me please fastly..........any one.....
Posts: 6,566
Threads: 1,107
Joined: Jul 2011
To get more information about the topic "Signature-free Buffer Overflow Attack Blocker " please refer the page link below
http://studentbank.in/report-signature-f...ck-blocker
http://studentbank.in/report-a-signature...ull-report