Defeating buffer overflow attacks via virtualization

Donghai Tian, Xi Xiong, Changzhen Hu, Peng Liu

Research output: Contribution to journalArticlepeer-review

7 Scopus citations

Abstract

Buffer overflow defenses have been comprehensively studied for many years. Different from previous solutions, we propose PHUKO, an on-the-fly buffer overflow prevention system which leverages virtualization technology. PHUKO offers the protected program a fully transparent environment and an easy deployment without the need to restart the program. Generally, the working process of PHUKO can be divided into two stages. First, we utilize static binary analysis to identify the instructions offline which are the entries of vulnerable functions. Second, by combining virtual machine introspection and online patching, PHUKO instruments the protected running program on-the-fly with memory safety enforcement. The experiments show that our system can defend against realistic buffer overflow attacks effectively with a moderate performance overhead.

Original languageEnglish (US)
Pages (from-to)1940-1950
Number of pages11
JournalComputers and Electrical Engineering
Volume40
Issue number6
DOIs
StatePublished - Aug 2014

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Computer Science(all)
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'Defeating buffer overflow attacks via virtualization'. Together they form a unique fingerprint.

Cite this