Signature-free Buffer Overflow Attack Blocker
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
project report helper
Active In SP
**

Posts: 2,270
Joined: Sep 2010
#1
29-10-2010, 05:59 PM


Signature-free Buffer Overflow Attack Blocker

1Xinran Wang 2Chi-Chun Pan 2Peng Liu 1
,
2Sencun Zhu
1Department of Computer Science and Engineering
2College of Information Sciences and Technology
The Pennsylvania State University, University Park, PA 16802



Abstract

We propose SigFree, a realtime, signature-free, out-ofthe- box, application layer blocker for preventing buffer overflow attacks, one of the most serious cyber security threats. SigFree can filter out code-injection buffer overflow attack messages targeting at various Internet services such as web service. Motivated by the observation that buffer overflow attacks typically contain executables whereas legitimate client requests never contain executables in most Internet services, SigFree blocks attacks by detecting the presence of code. SigFree first blindly dissembles and extracts instruction sequences from a request. It then applies a novel technique called code abstraction, which uses data flow anomaly to prune useless instructions in an instruction sequence. Finally it compares the number of useful instructions to a threshold to determine if this instruction sequence contains code. SigFree is signature free, thus it can block new and unknown buffer overflow attacks; SigFree is also immunized from most attack-side code obfuscation methods. Since SigFree is transparent to the servers being protected, it is good for economical Internet wide deployment with very low deployment and maintenance cost. We implemented and tested SigFree; our experimental study showed that SigFree could block all types of codeinjection attack packets (above 250) tested in our experiments. Moreover, SigFree causes negligible throughput degradation to normal client requests.

for more ::->

freepatentsonliney2008/0022405.html
Reply
ssiivvaa
Active In SP
**

Posts: 2
Joined: Mar 2010
#2
04-01-2011, 12:56 PM

Respected sir,
i am doing the sigFree project and implimentation. can you give some ideas about that. can you send the project and implimentation design. it is very helpful to do my project and implimentation.
thanking u
Reply
santy073
Active In SP
**

Posts: 1
Joined: Jan 2011
#3
20-01-2011, 09:53 PM

sir,
i m doing sigfree as my final yr project and implimentation, can u pls guide me in doing my project and implimentation. which language is better to implement? can you send the project and implimentation design. it is very helpful to do my project and implimentation. send it to my mail id: santy073@gmail.com

Reply
summer project pal
Active In SP
**

Posts: 308
Joined: Jan 2011
#4
01-02-2011, 01:29 AM

SigFree: A Signature-Free Buffer Overflow Attack Blocker

Prevention/Detection of Buffer Overflows
six classes of buffer overflows can be exemplified:
-Finding bugs in source code:These are due to the bugs in the source code. The bug-finding techniques belonging to the static analysis has been proposed and they have been implemented in the form of various tools.

-Compiler extensions: a developer can add buffer overflow detection
automatically to a program by using a modified compiler if the source code of the program is made available. Some of the such compilers are StackGuard , ProPolice , and Return Address Defender (RAD).

-OS modifications.: The buffer overflows can be prevented by the modification of some aspects of the OS

-Hardware modifications;: This involves storing all the return addresses in the processor. Thus, no input can change a return address.

-Defense-side obfuscation: This involves Address Space Layout
Randomization (ASLR). This can prevent the exploitation of all memory errors.

For more details on the topic, see the paper here:
cse.psu.edu/~szhu/papers/sigfree-journal.pdf
Reply
umesh5040
Active In SP
**

Posts: 1
Joined: Feb 2011
#5
23-02-2011, 10:55 AM

Respected sir,
i am doing the sigFree project and implimentation.can you give me full coding.can you send the project and implimentation design. it is very helpful to do my project and implimentation.
thanking u

Reply
legend1
Active In SP
**

Posts: 1
Joined: Apr 2011
#6
18-04-2011, 08:04 PM

please give some explanation about the instruction sequence distiller in the sigfree ieee paper... please help me out
Reply
banubalaji
Active In SP
**

Posts: 2
Joined: Jul 2011
#7
28-07-2011, 01:40 PM

sir , please can you send the explanation of the project and implimentation in detail .i am doing my Master degree project and implimentation with this base paper.
Reply
ram345
Active In SP
**

Posts: 1
Joined: Aug 2011
#8
22-08-2011, 08:54 AM

i want implementation if sigfree :A Signature-free Buffer Overflow Attack Blocker.project and implimentation..
which currently..i am doing....

will u help me please fastly..........any one.....


Reply
seminar addict
Super Moderator
******

Posts: 6,592
Joined: Jul 2011
#9
22-08-2011, 09:24 AM


To get more information about the topic "Signature-free Buffer Overflow Attack Blocker " please refer the link below

topicideashow-to-signature-free-buffer-overflow-attack-blocker

topicideashow-to-a-signature-free-buffer-overflow-attack-blocker-full-report
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  DETECTION OF WORMHOLE ATTACK IN MANET seminar ideas 5 1,368 26-08-2015, 12:37 AM
Last Post: Leenas
  microwind software free download jaseelati 0 261 23-02-2015, 12:47 PM
Last Post: jaseelati
  3d password pdf free download jaseelati 0 305 20-12-2014, 03:10 PM
Last Post: jaseelati
  An OCR Free Method for Word Spotting in Printed Documents pdf seminar projects maker 0 376 25-09-2013, 04:46 PM
Last Post: seminar projects maker
  SIMULATION OF BLACK HOLE ATTACK IN WIRELESS AD-HOC NETWORKS pdf study tips 0 241 07-09-2013, 02:20 PM
Last Post: study tips
  Survivability Analysis of ad hoc network under attack ppt study tips 0 253 19-08-2013, 04:49 PM
Last Post: study tips
  OFFLINE SIGNATURE VERIFICATION pdf study tips 0 320 19-07-2013, 04:56 PM
Last Post: study tips
  SIMULATION OF BLACK HOLE ATTACK IN WIRELESS AD-HOC NETWORKS pdf study tips 0 274 17-07-2013, 04:40 PM
Last Post: study tips
  Evaluation of Impact of Wormhole Attack on AODV pdf study tips 0 243 25-06-2013, 12:58 PM
Last Post: study tips
  Walking Stick With Heart Attack Detection PPT study tips 0 353 17-06-2013, 03:56 PM
Last Post: study tips