Abstract |
---|
Having suffered the big "hit" of the Heartbleed attack, society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is a continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems that can practically defend against zero-day continuous buffer over-read attacks (i.e., Heartbleed-like attacks and data structure manipulation attacks) and whose cost-effectiveness is mathematically provable. |
Year | DOI | Venue |
---|---|---|
2016 | 10.1109/CIC.2016.027 | 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) |
Keywords | Field | DocType |
---|---|---|
server protection, Heartbleed attack, zero-day continuous buffer over-read attacks, HTTPS servers, probing requests, adaptive defense systems, data structure manipulation attacks | Heartbleed, Data structure, Computer science, Computer security, Server | Conference |
ISBN | Citations | PageRank |
---|---|---|
978-1-5090-4608-9 | 0 | 0.34 |
References | Authors |
---|---|
8 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zhisheng Hu | 1 | 7 | 3.86 |
Ping Chen | 2 | 197 | 13.22 |
Yang Lu | 3 | 183 | 50.38 |
Minghui Zhu | 4 | 0 | 0.34 |
P. Liu | 5 | 378 | 41.58 |