A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities

A
ARES
2006
First International Conference on Availability, Reliability and Security (ARES'06)
Abstract - A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Zhiqiang Lin Articles by Bing Mao Articles by Li Xie

First International Conference on Availability, Reliability and Security (ARES'06)

Vienna, Austria

April 20-April 22

ISBN: 0-7695-2567-9

	ASCII Text	x
	Zhiqiang Lin, Bing Mao, Li Xie, "A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities," Availability, Reliability and Security, International Conference on, pp. 348-357, First International Conference on Availability, Reliability and Security (ARES'06), 2006.

	BibTex	x
	@article{ 10.1109/ARES.2006.11, author = {Zhiqiang Lin and Bing Mao and Li Xie}, title = {A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2006}, isbn = {0-7695-2567-9}, pages = {348-357}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2006.11}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities SN - 0-7695-2567-9 SP348 EP357 A1 - Zhiqiang Lin, A1 - Bing Mao, A1 - Li Xie, PY - 2006 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Zhiqiang Lin, Nanjing University, Nanjing, 210093, China

Bing Mao, Nanjing University, Nanjing, 210093, China

Li Xie, Nanjing University, Nanjing, 210093, China

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2006.11

Many security attacks are caused by software vulnerabilities such as buffer overflow. How to eliminate or mitigate these vulnerabilities, in particular with unstoppable software, is a great challenge for security researchers and practitioners. In this paper, we propose a practical framework to immunize software security vulnerabilities on the fly. We achieve the vulnerability immunization by using a security antibody, which can be implemented independently from the protected software and is used to defend against vulnerability exploitation attacks. And we employ in-core patching technique to attach the antibody quietly into running process, and hence we neither need to re-compile nor re-execute the protected software. The effectiveness of our framework depends on the effectiveness of the antibody that is implemented by redirecting flaw functions into secure ones. As a proof of concept, we have built a prototype and applied it to prevent the software from buffer overflow attacks. Preliminary experimental results show that our framework is practical and efficient for the dynamical immunization of software security vulnerabilities.

Citation:

Zhiqiang Lin, Bing Mao, Li Xie, "A Practical Framework for Dynamically Immunizing Software Security Vulnerabilities," ares, pp.348-357, First International Conference on Availability, Reliability and Security (ARES'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.