2020, 3 (36)

Nuclear, radiation and environmental safety

Article Name: Preventing Attacks on the Easiest Applications with Vulnerabilities by Verification of Their Committed System Calls
Authors: M.A. Parinov*1, A.G. Sirotkina**2
Address

*Institute of Nuclear Physics and Technology (INP&T), National Research Nuclear University «MEPhI», Kashirskoye shosse, 31, Moscow, Russia 115409

**SARFTI - National Research Nuclear University «MEPhI», Duhova str., 6 building 1, Sarov, Russia 607186

1ORCID iD: 0000-0002-6947-8753

WoS Researcher ID: G-9341-2019

e-mail: mafimka@gmail.com

2ORCID iD: 0000-0003-4559-7763

e-mail: sag@sarfti.ru

Abstract: Detecting and preventing attacks on applications has been and remains one of the urgent tasks of information security. Flaws in program code disrupt the normal operation of software. Design flaws can lead to violations of data integrity, availability and confidentiality, and to interruption of running processes or even of the system as a whole. The aim of this work is to prevent buffer overflow attacks on applications using the developed attack-prevention software package. To achieve this goal, the paper briefly reviews the shortcomings of modern systems for preventing attacks on applications, examines the structure of the developed software package, the operating algorithms of each of its modules and the mechanism of buffer overflows, and tests the developed software package on a simple buffer overflow.
Keywords: buffer overflow, system calls, code injection, data execution prevention, ASLR, StackGuard, information security.
Language: Russian
Pages: 7 - 17