You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Defeating Memory Corruption Attacks Via Pointer Taintedness Detection

Overview Most malicious attacks compromise system security through memory corruption exploits. Recently proposed techniques attempt to defeat these attacks by protecting program control data. The authors have constructed a new class of attacks that can compromise network applications without tampering with any control data. These non-control data attacks represent a new challenge to system security. This paper proposes an architectural technique to defeat both control data and non-control data attacks based on the notion of pointer taintedness. A pointer is said to be tainted if user input can be used as the pointer value. A security attack is detected whenever a tainted value is dereferenced during program execution.

Further White Paper Details
Publisher	North Carolina State University	File Format	PDF
Date Published	March 2005	Downloads	1
Format	White Papers
Topics	Network Security, Security Management

Did you find this white paper useful?

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

DTW - DODIIS Trusted Workstation: Intelligence Paradigm for the 21st Century

Publisher:
Sun Microsystems

Microsoft warns of 'zero day' vulnerability

The technique can be used to take control of the server. A specially formatted web request to the WebDAV component can overflow the memory allocated to such requests and cause another, malicious program to be run instead.

Channel:
Security Strategy

Microsoft issues "critical" Office security alert

Another flaw exploits a potential buffer overflow arising from the way Office applications convert documents created in formats associated with Corel's WordPerfect software. As detailed in Microsoft's security bulletin, a malicious user could...

Channel:
Security Strategy

Chips to be made hackerproof by AMD and Intel

Execution Protection by AMD, technology contained in AMD's Athlon 64 chips, prevents a buffer overflow, a common method used to attack computers. A buffer overflow essentially overwhelms a computer's defense systems and then inserts a malicious...

Channel:
Security Strategy

HP plans 'virus throttling' network security services

Rather than try to prevent attacks, the device will constantly attack computers on a customer's network. The technique will also help to lock down the estimated 10 per cent of devices on corporate networks that the company does not know about, said...

Channel:
Security Strategy

Alarm bells over exploit for "extremely critical" IE flaw

Up until now, no one knew how to mark the code and find it in memory to execute a remote code attack. Security researchers said the IE vulnerability has been known for the past six months but had previously been seen as a conduit for denial of...

Junked: Is this the end of spam and spoof email?

Increasingly creative counter-attacks by fraudsters - such as inserting image advertisements in the text of messages - have been able to defeat many of these methods. If the signature doesn't check out, the message is probably spam - or a phishing...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

Defeating Memory Corruption Attacks Via Pointer Taintedness Detection

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific