For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
iCruiser: An Improved Approach for Concurrent Heap Buffer Overflow Monitoring
Donghai TIAN Xuanya LI Mo CHEN Changzhen HU
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2014/03/01
Online ISSN: 1745-1361
Print ISSN: 0916-8532
Type of Manuscript: LETTER
Category: Information Network
heap buffer overflow, multi-core technology,
Full Text: PDF(543.6KB)>>
Heap buffer overflow has been extensively studied for many years, but it remains a severe threat to software security. Previous solutions suffer from limitations in that: 1) Some methods need to modify the target programs; 2) Most methods could impose considerable performance overhead. In this paper, we present iCruiser, an efficient heap buffer overflow monitoring system that uses the multi-core technology. Our system is compatible with existing programs, and it can detect the heap buffer overflows concurrently. Compared with the latest heap protection systems, our approach can achieves stronger security guarantees. Experiments show that iCruiser can detect heap buffer overflow attacks effectively with a little performance overhead.