AN ARCHITECTURAL APPROACH TO FORESTALLING CODE INJECTION ATTACKS

Description

Much research has been done on code injection, but the attack persists. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the attacks; however, they enforce program layout restrictions and can often still be circumvented by a determined attacker. A memory architecture for modern processors is proposed to address the code injection problem. It splits memory into code memory and data memory so that the processor is prevented from executing injected code. This virtual split memory system can be implemented as a software-only patch to an operating system, and can be used to supplement existing schemes for improved protection. The experimental results show that the system is effective in preventing a wide range of code injection attacks while incurring acceptable overhead.
Keywords: Code Injection, Secure Memory Architecture, Split Memory
TABLE OF CONTENTS
CHAPTER ONE: Introduction
1.0 Background to the Study
1.1 Aim and Objective of the Project
1.2 Justification
1.3 Scope of the Study
1.4 Methodology/Research Procedure
1.5 Definition of Terms
1.6 Organisation of the Project
CHAPTER TWO: Literature Review
2.1 Vulnerability Analysis and Scanner
2.1.1 Limitations of the Vulnerability Scanner
2.2 Threat Modelling
2.3 Security Perimeter
2.4 Threat Classification
2.5 SQL Injection
2.5.1 SQL Injection Prevention – Intrusion Detection System
2.5.2 Static Approach for SQL Injection Countermeasures
2.5.3 Dynamic Approach for SQL Injection Countermeasures
2.5.4 Hybrid SQLIA Prevention Approach
2.5.5 Mutation Based Approach to Detect SQL Injection
2.6 XPATH Injection
2.7 Session Hijacking
CHAPTER THREE
3.0 Design and Implementation
3.1 Proposed System
3.1.1 Advantages of Proposed System
3.2 Feasibility Study
3.2.1 Economic Feasibility
3.2.2 Technical Feasibility
3.2.3 Social Feasibility
3.3 System Specification
3.3.1 Hardware Requirement
3.3.2 Software Requirement
3.4 Software Description
3.4.1 ASP.NET
3.4.2 Features of ASP.NET

CHAPTER FOUR
4.0 Module Description
4.1 Authentication Phase
4.2 Split Memory Phase
4.3 Address Space Intrusion Avoidance Phase
4.4 Preventing Code Injection Phase
4.5 Data Flow Diagram
4.6 Database Design
4.6.1 Honey Pot Database
4.7 Input Design
4.8 Output Design
4.9 System Testing
4.9.1 Unit Testing
4.9.2 Integration Testing
4.9.3 Validation Testing
4.10 System Implementation
CHAPTER FIVE: Conclusion and Future Enhancements
5.1 Conclusion
5.2 Future Enhancements
References
Appendix
LIST OF TABLES
4.1 Account Creation
4.2 Temporary Transaction
4.3 Registration
4.4 Hidden Details
4.5 Upload
LIST OF FIGURES
4.1 Level 0 DFD: Overview of forestalling code injection
4.2 Level 1 DFD: Preventing Code
4.3 Level 2 DFD: Tracking and Split Memory
4.6 Architecture of forestalling code injection attack
