NDLI: Reverse stack execution in a multi-variant execution environment (2008)

Please wait, while we are loading the content...

Reverse stack execution in a multi-variant execution environment (2008)

Content Provider	CiteSeerX
Author	Salamat, Babak Gal, Andreas Franz, Michael
Abstract	Multi-variant execution allows detecting exploited vulnerabilities before they can cause any damage to systems. In this execution method, two or more slightly different variants of the same application are executed simultaneously on top of a monitoring layer. In the course of execution, the monitoring layer checks whether the instances are always in complying states. Any discrepancies raises an alarm and will result in termination of the non-complying instances. We present a technique to generate program variants that use a stack that grows in reverse direction in contrast to the native stack growth direction of the platform. Such program variants, when executed along with a normal instance in a multi-variant environment, allow us to detect stack-based buffer overflow attacks. The technique is implemented by modifying GCC to generate executables that write their stacks in opposite direction. In addition, we briefly present the technique used to build our multi-variant execution environment. Through evaluation we have shown that our prototype system can interdict the execution of malicious code in popular applications such as the Apache web server by trading off a small performance penalty for a high degree of security. 1.
File Format	PDF
Publisher Date	2008-01-01
Publisher Institution	In Workshop on Compiler and Architectural Techniques for Application Reliability and Security
Access Restriction	Open
Subject Keyword	Program Variant Opposite Direction Non-complying Instance Multi-variant Execution Normal Instance Multi-variant Environment Execution Method Monitoring Layer Prototype System High Degree Different Variant Stack-based Buffer Small Performance Penalty Reverse Stack Execution Popular Application Apache Web Server Malicious Code Reverse Direction Multi-variant Execution Environment Native Stack Growth Direction
Content Type	Text
Resource Type	Conference Proceedings

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in