ARCHERR: Runtime Environment Driven Program Safety

Get BibTex-formatted data

Author

Chinchani, Ramkumar; Iyer, Anusha; Jayaraman, Bharat; Upadhyaya, Shambhu

Entry type

inproceedings

Abstract

Parameters of a program's runtime environment such as the machine architecture and opening system largely determine whether a vulnerability can be exploited. For example, the machine word size is an important factor in an integer overflow attack and likewise the memory layout of a process in a buffer or heap overflow attack. In this paper, we present an analysis of the effects of a runtime environment on a language's data types. Based on this analysis, we have developed Archerr, an automated one-pass source-to-source transformer that derives appropriate architecture dependant runtime safety error checks and inserts them in C source programs. Our approach achieves comprehensive vulnerability coverage against a wide array of program-level exploits including integer overflows/underflows. We demonstrate the efficacy of our technique on versions of C programs with known vulnerabilities such as Send-mail. We have benchmarked our technique and the results show that it is general less expensive than other well-known runtime techniques, and at the same time requires no extentions to the C programming language. Additional benefits include the ability to gracefully handle arbitrary pointer usage, aliasing, and typecasting.

Date

2004 – 09 – 01

URL

http://www.springerlink.com/content/0px2f3w83fytpurq/

Booktitle

9th European Symposium on Research in Computer Security

Institution

University at Buffalo

Key alpha

Chinchani

Note

French Riviera, France, September 2004

School

University at Buffalo (SUNY), Buffalo, NY

Publication Date

2004-09-01

Subject

Runtime Enviroment Driven Program Safety

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Inproceedings{ Chinchani,
	title = "ARCHERR: Runtime Environment Driven Program Safety",
	author = "Chinchani, Ramkumar; Iyer, Anusha; Jayaraman, Bharat; Upadhyaya, Shambhu",
	year = "2004",
	month = "09",
	booktitle = "9th European Symposium on Research in Computer Security",
	institution = "University at Buffalo ",
	note = " French Riviera, France, September 2004",
	school = "University at Buffalo (SUNY), Buffalo, NY ",
	day = "01",
	abstract = "Parameters of a program's runtime environment such as the machine architecture and opening system largely determine whether a vulnerability can be exploited.  For example, the machine word size is an important factor in an integer overflow attack and likewise the memory layout of a process in a buffer or heap overflow attack.  In this paper, we present an analysis of the effects of a runtime environment on a language's data types.  Based on this analysis, we have developed Archerr, an automated one-pass source-to-source transformer that derives appropriate architecture dependant runtime safety error checks and inserts them in C source programs.  Our approach achieves comprehensive vulnerability coverage against a wide array of program-level exploits including integer overflows/underflows.  We demonstrate the efficacy of our technique on versions of C programs with known vulnerabilities such as Send-mail.  We have benchmarked our technique and the results show that it is general less expensive than other well-known runtime techniques, and at the same time requires no extentions to the C programming language.  Additional benefits include the ability to gracefully handle arbitrary pointer usage, aliasing, and typecasting.",
	subject = "Runtime Enviroment Driven Program Safety",
	url = "http://www.springerlink.com/content/0px2f3w83fytpurq/",
}