A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors)

Abstract: Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the program to write beyond the bounds of an allocated memory block to corrupt other data structures. The standard way to exploit a buffer overflow vulnerability involves a request that is too large for the buffer intended to hold it. The buffer overflow error causes the program to write part of the request beyond the bounds of the buffer, corrupting the address space of the program and causing the program to execu… Show more

“…No type checking is carried out on the synthesised monitors in either of these works. Runtime Adaptation through monitoring are also explored in [23,19] for C programs to attain "failure-oblivious computing" that can adapt to errors such as null-dereferencing through a technique called reverse shepherding. Again, no static analysis is performed on the monitors themselves.…”

Runtime Adaptation for Actor Systems

“…No type checking is carried out on the synthesised monitors in either of these works. Runtime Adaptation through monitoring are also explored in [23,19] for C programs to attain "failure-oblivious computing" that can adapt to errors such as null-dereferencing through a technique called reverse shepherding. Again, no static analysis is performed on the monitors themselves.…”

Runtime Adaptation for Actor Systems

“…However, they can not roll back I/O operations, and hence the program may not work in a consistent way in its continued execution. Rinard et al [15,16] proposed the concept of failure-oblivious computing, which allows a program to execute through memory errors without compromising its correctness. They modified the CRED safe-C compiler [11] to augment the generated code to perform bounds checks and to store away or discard out of bounds writes.…”

“…Although these techniques effectively detect attacks, they can not protect the processes from being compromised, and thus terminating the compromised processes is necessary to prevent further error propagation. In recent years, several techniques have been proposed to recover the attacked services, instead of terminating them, so as to provide continued service under the attacks [14][15][16][17][18][19][20]. However, such techniques cause moderate to substantial impact on the system performance.…”

“…The proposed mechanism allows a service program to reconfigure itself to collect runtime information in the face of buffer overflow attacks, to identify the vulnerable functions, and finally to protect those functions. Moreover, the mechanism adopts the idea of failure-oblivious computing [15,16] to allow service programs to execute through memory errors without losing their correctness once the vulnerable functions have been identified. This eliminates the need of restarting the service program upon further attacks so that continued service can be provided.…”

A Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability

“…He determined also, values of equations and explained the expected interval analysis of availability element, the study affirmed a numerical example on fault-tolerant multiprocessor system, then considered two processes without repair task, but he extended in order to include computation's repair to obtain distribution of performability.  Several researchers [8] were offered studies on new techniques in computing failures in order to enhance availability for the purpose of avoiding errors of memory, the aims were to known security results of the system and to enable system servers to successful operating with user's satisfaction.…”

A Study About the Key Elements of TQS in Manufactured Items.