Bypassing Data Execution Prevention on MicrosoftWindows XP SP2

Vienna, Austria April 10-April 13

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ARES.2007.54

The Second International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Nenad Stojanovski Articles by Marjan Gusev Articles by Danilo Gligoroski Articles by Svein.J. Knapskog

	ASCII Text	x
	Nenad Stojanovski, Marjan Gusev, Danilo Gligoroski, Svein.J. Knapskog, "Bypassing Data Execution Prevention on MicrosoftWindows XP SP2," Availability, Reliability and Security, International Conference on, pp. 1222-1226, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.54, author = {Nenad Stojanovski and Marjan Gusev and Danilo Gligoroski and Svein.J. Knapskog}, title = {Bypassing Data Execution Prevention on MicrosoftWindows XP SP2}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {1222-1226}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.54}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Bypassing Data Execution Prevention on MicrosoftWindows XP SP2 SN - 0-7695-2775-2 SP1222 EP1226 A1 - Nenad Stojanovski, A1 - Marjan Gusev, A1 - Danilo Gligoroski, A1 - Svein.J. Knapskog, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Nenad Stojanovski, Macedonian Telecommunication

Marjan Gusev, St. Cyril and Methodious University, Republic of Macedonia

Danilo Gligoroski, Norwegian University of Science and Technology, Trondheim, Norway

Svein.J. Knapskog, Norwegian University of Science and Technology, Trondheim, Norway

The evolution of Microsoft Windows from a desktop operating system into a server operating system has brought attention to and concern of some severe security issues. Attacks that exploited buffer overflows started appearing for the services that were used on the new server operating system. Recently, Microsoft decided to implement a protective measure: Data Execution Prevention - DEP in two of their products: Service Pack 2 for Windows XP and Service Pack 1 for Windows 2003. The measure has been implemented as one of the core security mechanisms with the intention to prevent the attackers from breaking into the system i.e., to prevent the execution of code in non-executable memory regions.

In this paper we show that the initial implementation of the software for DEP in Windows XP Service Pack 2 is actually not at all secure and that stack overflow attacks against DEP are as effective as attacks against systems that do not have DEP.

Citation:

Nenad Stojanovski, Marjan Gusev, Danilo Gligoroski, Svein.J. Knapskog, "Bypassing Data Execution Prevention on MicrosoftWindows XP SP2," ares, pp.1222-1226, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.