Accession Number : ADA571101


Title :   Memory Corruption Mitigations and Their Implementation Progress in Third-Party Windows Applications


Descriptive Note : Master's thesis


Corporate Author : NAVAL POSTGRADUATE SCHOOL MONTEREY CA


Personal Author(s) : Cevik, Serbulent


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a571101.pdf


Report Date : Sep 2012


Pagination or Media Count : 85


Abstract : It has been more than two decades since the first practical implementation of a memory corruption attack. Despite the fact that there has been much research done on efficiently protecting systems from this type of attack, memory corruption attacks still hold the lion's share among all exploitation techniques used against software systems. The Windows family of operating systems, as the most used operating system in the world, has suffered from memory corruption attacks more than any other system. Through the years, Microsoft has introduced various mechanisms for the detection and prevention of memory corruption attacks on Windows platforms. This thesis provides a time line and detailed analysis of the memory protection mechanisms introduced in the Windows family of operating systems. Using these measures, Microsoft has diminished the number of successful exploitations of their software products, yet adoption of these measures by independent software vendors (ISVs) developing software for the Windows platform has not materialized as expected. The results of this thesis show that while most ISVs implement mitigations offered by Microsoft, few applications implement all these mitigations thoroughly.


Descriptors :   *HACKING(COMPUTER SECURITY) , COMPUTER PROGRAMS , DETECTION , THESES


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE