TY - GEN
T1 - RIPE
T2 - 27th Annual Computer Security Applications Conference, ACSAC 2011
AU - Wilander, John
AU - Nikiforakis, Nick
AU - Younan, Yves
AU - Kamkar, Mariam
AU - Joosen, Wouter
PY - 2011
Y1 - 2011
N2 - Despite the plethora of research done in code injection countermeasures, buffer overflows still plague modern software. In 2003, Wilander and Kamkar published a comparative evaluation on runtime buffer overflow prevention technologies using a testbed of 20 attack forms and demonstrated that the best prevention tool missed 50% of the attack forms. Since then, many new prevention tools have been presented using that testbed to show that they performed better, not missing any of the attack forms. At the same time though, there have been major developments in the ways of buffer overflow exploitation. In this paper we present RIPE, an extension of Wilander's and Kamkar's testbed which covers 850 attack forms. The main purpose of RIPE is to provide a standard way of testing the coverage of a defense mechanism against buffer overflows. In order to test RIPE we use it to empirically evaluate some of the newer prevention techniques. Our results show that the most popular, publicly available countermeasures cannot prevent all of RIPE's buffer overflow attack forms. ProPolice misses 60%, LibsafePlus+TIED misses 23%, CRED misses 21%, and Ubuntu 9.10 with nonexecutable memory and stack protection misses 11%.
AB - Despite the plethora of research done in code injection countermeasures, buffer overflows still plague modern software. In 2003, Wilander and Kamkar published a comparative evaluation on runtime buffer overflow prevention technologies using a testbed of 20 attack forms and demonstrated that the best prevention tool missed 50% of the attack forms. Since then, many new prevention tools have been presented using that testbed to show that they performed better, not missing any of the attack forms. At the same time though, there have been major developments in the ways of buffer overflow exploitation. In this paper we present RIPE, an extension of Wilander's and Kamkar's testbed which covers 850 attack forms. The main purpose of RIPE is to provide a standard way of testing the coverage of a defense mechanism against buffer overflows. In order to test RIPE we use it to empirically evaluate some of the newer prevention techniques. Our results show that the most popular, publicly available countermeasures cannot prevent all of RIPE's buffer overflow attack forms. ProPolice misses 60%, LibsafePlus+TIED misses 23%, CRED misses 21%, and Ubuntu 9.10 with nonexecutable memory and stack protection misses 11%.
UR - https://www.scopus.com/pages/publications/84855669733
U2 - 10.1145/2076732.2076739
DO - 10.1145/2076732.2076739
M3 - Conference contribution
AN - SCOPUS:84855669733
SN - 9781450306720
T3 - ACM International Conference Proceeding Series
SP - 41
EP - 50
BT - Proceedings - 27th Annual Computer Security Applications Conference, ACSAC 2011
Y2 - 5 December 2011 through 9 December 2011
ER -