Software Exploit Prevention and Remediation via Software Memory Protection
Abstract
Deployed software often contains memory overwriting vulnerabilities which can be exploited by malicious users who provide input that causes critical data to be overwritten in the program (called a memory overwriting exploit). There are a wide variety of such exploits (e.g. buffer overflows, formatting string exploits, etc.). Some defenses have been limited to defeating memory overwrites in heap or stack memory, and most defenses require access to source code. The Software Memory Protection (SMP) project addresses these limitations and shortcomings by supplying a general defense against all known memory overwriting exploits, requiring no source or object code or recompilation of the protected application, with a remediation mechanism that does not rely on crashing the program to defeat attempted exploits. Therefore, SMP: (i) can defend a program binary for which no source code is available, including its linked libraries; (ii) need not be combined with any other defense against memory overwriting; and (iii) does not turn exploits into potential DOS (denial of service) attacks. SMP can be applied to a binary during testing, field deployment, or both.
Document Details
- Document Type
- Technical Report
- Publication Date
- May 01, 2009
- Accession Number
- ADA499993
Entities
People
- Anh Nguyen-tuong
- Clark L. Coleman
- Jack W. Davidson
- Jason D. Hiser
- John C. Knight
- Michele Co
Organizations
- University of Virginia