An intrusion detection system using alteration of data

Fumiaki Nagano, Kohei Tatara, Toshihiro Tabata, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

Attacks against data in memory are one of the most serious threats these days. Although many detection systems have been proposed so far, most of them can detect only part of alteration. Some detection systems use canaries to detect alteration. However, if an execution code has bugs that enable attackers to read data in memory, the system could be bypassed by attackers who can guess canaries. To overcome the problems, we propose a system using alteration of data. Our proposed system detects illegal alteration with verifier for vulnerable data. Verifier is made before vulnerable data could be altered by attackers, and verifier is checked when the program uses the vulnerable data. Part of Verifier is stored in kernel area to prevent attackers from reading data in user memory. Our approach can detect illegal alteration of arbitrary data in user memory. Our proposed system, moreover, does not have the problem systems using canaries have.

本文言語英語
ホスト出版物のタイトルProceedings - 20th International Conference on Advanced Information Networking and Applications
ページ243-248
ページ数6
DOI
出版ステータス出版済み - 11 22 2006
イベント20th International Conference on Advanced Information Networking and Applications - Vienna, オーストリア
継続期間: 4 18 20064 20 2006

出版物シリーズ

名前Proceedings - International Conference on Advanced Information Networking and Applications, AINA
1
ISSN(印刷版)1550-445X

その他

その他20th International Conference on Advanced Information Networking and Applications
国/地域オーストリア
CityVienna
Period4/18/064/20/06

All Science Journal Classification (ASJC) codes

  • 工学(全般)

フィンガープリント

「An intrusion detection system using alteration of data」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル