Automatic Patch Generation for Control Hijacking Attacks

With the number of solutions proposed to provide an adequate protection against overflow attacks, integer overflow still pose a significant threat to security and availability of todays computing environments. Most of the existing solutions terminate the vulnerable program when the overflow occurs, rendering the program unavailable and leading to denial of service. The impact on system availability is a serious problem on service orientated platforms. We will provide a solution that will automatically diagnose and patch any suspicious integer input that will lead to overflowing the values and causing further threats to possible buffer overflow in the system. The key idea of our solution is to virtualized memory accesses and moves the vulnerable buffer into protected memory regions, which provides a fundamental and effective protection against recurrence of the same attack without stopping the normal system execution.