Defence Against Code Injection Attacks

  • Conference paper
International Conference on Security and Privacy in Communication Networks (SecureComm 2014)

Abstract

Code injection attacks are considered serious threats to Internet users. In this type of attack, the attacker injects malicious code into user programs to change or divert their execution flow. In this paper we explore contemporary defence strategies against code injection attacks (CIAs) and underline their limitations. To overcome these limitations, we suggest a number of countermeasure mechanisms for protecting against CIAs. Our key idea relies on a multiplexing technique that preserves the exact return code to ensure the integrity of the program execution trace of shell code. This technique also maintains a FIFO (first in, first out) queue to defeat the conflict state that arises when multiple caller methods make calls simultaneously. Finally, our technique can provide better performance, in terms of protection and speed, in some respects compared to the CFI (control flow integrity) and CPM (code pointer masking) techniques.



Corresponding author

Correspondence to Morshed U. Chowdhury.

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Alnabulsi, H., Mamun, Q., Islam, R., Chowdhury, M.U. (2015). Defence Against Code Injection Attacks. In: Tian, J., Jing, J., Srivatsa, M. (eds) International Conference on Security and Privacy in Communication Networks. SecureComm 2014. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 153. Springer, Cham. https://doi.org/10.1007/978-3-319-23802-9_19

  • DOI: https://doi.org/10.1007/978-3-319-23802-9_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23801-2

  • Online ISBN: 978-3-319-23802-9

  • eBook Packages: Computer Science (R0)
