JOURNAL ARTICLE

Detection, exploitation and mitigation of memory errors.

  • Published In: Logic Journal of the IGPL, 2024, v. 32, n. 2. P. 281 1 of 3

  • Database: Business Source Ultimate 2 of 3

  • Authored By: Llorente-Vazquez, Oscar; Santos-Grueiro, Igor; Pastor-Lopez, Iker; Bringas, Pablo Garcia 3 of 3

Abstract

The article focuses on memory corruption vulnerabilities arising from memory safety violations in programs written primarily in C and C++, which lack automatic memory management. It categorizes memory errors into spatial errors, temporal errors, and type confusion, and examines how attackers exploit these flaws through techniques such as code injection, code reuse (including Return Oriented Programming), and non-control data attacks. The paper also reviews mitigation strategies like Control-Flow Integrity (CFI), Address Space Layout Randomisation (ASLR), and Data-Flow Integrity (DFI), alongside detection methods including fuzz testing, static analysis, symbolic execution, and sanitizers. Despite extensive research and numerous defense mechanisms, memory corruption remains a persistent security challenge, underscoring the need for continued investigation in this area.

Additional Information

  • Source:Logic Journal of the IGPL. 2024/04, Vol. 32, Issue 2, p281
  • Document Type:Literature Review
  • Subject Area:Computer Science
  • Publication Date:2024
  • ISSN:1367-0751
  • DOI:10.1093/jigpal/jzae008
  • Accession Number:176218580
  • Copyright Statement:Copyright of Logic Journal of the IGPL is the property of Oxford University Press / USA and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Looking to go deeper into this topic? Look for more articles on EBSCOhost.