Create an Account
username: password:
 
  MemeStreams Logo

Nozzle: detecting heap spraying attacks - Microsoft Research

search

Worthersee
Picture of Worthersee
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Worthersee's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Nozzle: detecting heap spraying attacks - Microsoft Research
Topic: Technology 5:29 pm EST, Jan 22, 2009

Heap spraying is a new security attack that significantly increases the exploitability of existing memory corruption errors in type unsafe applications. With heap spraying, attackers leverage their ability to allocate arbitrary objects in the heap of a type-safe language, such as JavaScript, literally filling the heap with objects that contain dangerous exploit code. In recent years, spraying has been used in many real security exploits, especially in Web browsers.

We propose Nozzle, a runtime monitoring infrastructure that detects attempts by attackers to spray the heap. Nozzle uses lightweight emulation techniques to detect the presence of objects that contain executable code. To reduce false positives, we developed a notion of global “heap health”.

Ben Livshits vs. Mark Dowd
The ultimate showdown. The ultimate destiny.

Nozzle: detecting heap spraying attacks - Microsoft Research



 
 
Powered By Industrial Memetics
RSS2.0