RDACIA: Runtime Defence Against Code Injection Attack Using N-Variant Approach
DOI: https://doi.org/10.51983/ajcst-2012.1.1.1672
Keywords: Code injection attack, malicious attack, n-variant execution, multi-variant execution, software fault tolerant
Abstract
Software vulnerabilities have been a major threat for decades. Security vulnerabilities in software permit attackers to compromise and misuse computer systems for various malicious purposes. Intrusion detection systems have an important role in detecting and disrupting attacks before they can compromise software. Multi-variant execution is an intrusion detection mechanism that executes several slightly different versions or variants of the same program in lockstep. The variants are built to have identical behavior under normal execution conditions. However, when the variants are under attack, there are detectable differences in their execution behavior. At run time, a monitor compares the behavior of the variants at certain synchronization points and raises an alarm when a discrepancy is detected. We present a monitoring mechanism that does not need any kernel privileges to supervise the variants. As a result, the monitor runs entirely in user space. Our experiments show that the multi-variant execution technique is effective in detecting and preventing code injection attacks.
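An added illustration of the lockstep comparison the abstract describes, not code from the paper: a toy monitor run over constructed variants. Modelling synchronization points as system calls and giving each variant a different buffer address are assumptions; the abstract names neither.

```python
from itertools import zip_longest

def variant(base, request):
    """Toy variant (constructed): yields one (syscall, args) tuple per
    synchronization point. `base` is this variant's buffer address and differs
    between variants. A request ("jump", addr) models injected code that
    hard-codes an absolute address; any other request is benign input."""
    yield ("read", (0, 64))
    if request[0] == "jump":
        if request[1] == base:             # hard-coded address fits this layout only
            yield ("execve", ("<injected>",))
        else:                              # same input, other layout: variant faults
            yield ("SIGSEGV", ())
        return
    yield ("write", (1, request[1].upper()))
    yield ("exit", (0,))

def monitor(variants):
    """Advance all variants in lockstep and compare them at every
    synchronization point. Returns (ok, step, observed_calls)."""
    ended = ("<ended>", ())                # a variant that stopped early also diverges
    for step, calls in enumerate(zip_longest(*variants, fillvalue=ended)):
        if len(set(calls)) != 1:
            return (False, step, calls)    # discrepancy: alarm before the call runs
        # a real monitor would now perform the call once and replicate its result
    return (True, None, None)

def run(request, bases=(0x1000, 0x9000)):
    """Feed the same request to one variant per layout and monitor them."""
    return monitor([variant(b, request) for b in bases])

if __name__ == "__main__":
    print(run(("echo", "hello")))          # identical behavior, no alarm
    print(run(("jump", 0x1000)))           # divergence at the second sync point
```

Because the comparison happens before the call is carried out, the divergent `execve` in the second run is reported rather than executed.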
License
Copyright (c) 2012 The Research Publication
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.