
Self-protecting approach: design and implementation of a domain application customization to support the identification of Buffer Overflow and Format String attacks

Grant number: 22/06668-2
Support Opportunities: Scholarships in Brazil - Scientific Initiation
Start date: October 01, 2022
End date: September 30, 2023
Field of knowledge: Physical Sciences and Mathematics - Computer Science - Computing Methodologies and Techniques
Principal Investigator: Frank José Affonso
Grantee: Cezar Vinícius Mendes Vieira
Host Institution: Instituto de Geociências e Ciências Exatas (IGCE). Universidade Estadual Paulista (UNESP). Campus de Rio Claro. Rio Claro, SP, Brazil

Abstract

The current computing landscape shows that our society increasingly depends on software systems to perform daily tasks. Current needs require such systems to operate under uncertain conditions, without interruptions or human intervention. The causes of uncertainty in such systems range from changes in the operating environment to variations in the objectives and needs of their users. In this direction, Self-adaptive Software (SaS) makes it possible to deal with uncertainties through structural and/or behavioral modifications at runtime. With the growth in the use of software systems, there is an exponential increase in threats/vulnerabilities that pose risks to these systems. Given this scenario, our research group has been working to support the SaS community and others interested in the development of SaS and Self-Apps (Self-adaptive Service-oriented Applications) supported by standards and good software engineering practices. Among the ramifications of such initiatives, the development of a self-protecting approach, which aims to support the detection of malicious actions at runtime, opened some possibilities for future investigation. Among these, expanding the attack detection capacity of the self-protecting approach proposed by our research group stands out. Thus, the main purpose of this project is to extend the approach so that it can support the detection of the following attacks: Buffer Overflow and Format String. To achieve this goal, a customization of the AppPetShop application must be designed to capture the specific logs for each attack. Therefore, by the end of this project, we expect to have a self-protection solution that can monitor and deal with three types of attacks at runtime (i.e., SQLi, Buffer Overflow, and Format String).
