Detection and diagnosis of control interception

Chang Hsien Tsai*, Shih-Kun Huang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Crash implies that a software is unstable and possibly vulnerable. Stack overflow is one of many causes of crashes. This kind of bug is often hard to debug because of the corrupted stack, so that debuggers cannot trace the control flow of the programs. A control-type crash caused by stack overflow is easy to be developed as a control interception attack. We develop a method to locate this attack and implement it as a plug-in of Valgrind [1]. This tool can be used in the honeypot to detect and diagnose zero-day exploits. We use it to detect several vulnerabilities and automatically locate the bugs.

Original languageEnglish
Title of host publicationInformation and Communications Security - 9th International Conference, ICICS 2007, Proceedings
Pages412-426
Number of pages15
DOIs
StatePublished - 1 Dec 2007
Event9th International Conference on Information and Communications Security, ICICS 2007 - Zhengzhou, China
Duration: 12 Dec 200715 Dec 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4861 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference9th International Conference on Information and Communications Security, ICICS 2007
CountryChina
CityZhengzhou
Period12/12/0715/12/07

Fingerprint Dive into the research topics of 'Detection and diagnosis of control interception'. Together they form a unique fingerprint.

Cite this