Runtime Prevention of Deserialization Attacks

2022 IEEE/ACM 44th International Conference on Software Engineering New Ideas and Emerging Results (ICSE-NIER)(2022)

Oracle Labs

Abstract
Untrusted deserialization exploits, where a serialised object graph is used to achieve denial-of-service or arbitrary code execution, have become so prominent that they were introduced in the 2017 OWASP Top 10. In this paper, we present a novel and lightweight approach for runtime prevention of deserialization attacks using Markov chains. The intuition behind our work is that the features and ordering of classes in malicious object graphs make them distinguishable from benign ones. Preliminary results indeed show that our approach achieves an F1-score of 0.94 on a dataset of 264 serialised payloads, collected from an industrial Java BE application server and a repository of deserialization exploits.

ACM Reference Format: François Gauthier and Sora Bae. 2022. Runtime Prevention of Deserialization Attacks. In New Ideas and Emerging Results (ICSE-NIER’22), May 21–29, 2022, Pittsburgh, PA, USA. ACM, New York, NY, USA, 5 pages. https://doi.org/10.1145/3510455.3512786
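As an added illustration of the abstract's intuition (this is not the paper's own model; its features, training data and thresholds are not given here), the following script trains a first-order Markov chain on the order of class names in constructed benign streams with hypothetical class names, then scores a new stream by its average transition log-probability and flags streams whose class ordering is unlike anything seen in benign traffic.

```python
import math
from collections import Counter, defaultdict

START, END, UNK = "<START>", "<END>", "<UNK>"

# Constructed training data: the order in which class descriptors appear in
# benign serialized streams of a hypothetical application. Names are made up.
BENIGN_STREAMS = [
    ["com.example.app.Order", "java.util.ArrayList", "com.example.app.LineItem", "java.math.BigDecimal"],
    ["com.example.app.Order", "java.util.ArrayList", "com.example.app.LineItem", "java.math.BigDecimal",
     "com.example.app.LineItem", "java.math.BigDecimal"],
    ["com.example.app.Customer", "java.util.HashMap", "java.lang.String"],
    ["com.example.app.Customer", "java.util.HashMap", "java.lang.String", "com.example.app.Address"],
]


class ClassSequenceModel:
    """First-order Markov chain over class-name order, trained on benign streams only."""

    def __init__(self, streams, alpha=0.1):
        self.alpha = alpha                      # additive smoothing constant
        self.vocab = {START, END, UNK}
        self.counts = defaultdict(Counter)      # counts[prev][next]
        for s in streams:
            self.vocab.update(s)
            for prev, nxt in zip([START] + s, s + [END]):
                self.counts[prev][nxt] += 1

    def _tok(self, name):
        # Classes never seen during training collapse to a single UNK state.
        return name if name in self.vocab else UNK

    def transition_prob(self, prev, nxt):
        row = self.counts.get(self._tok(prev), Counter())
        # Smoothing keeps unseen transitions rare but non-zero, so one novel
        # class lowers the score without producing log(0).
        return (row[self._tok(nxt)] + self.alpha) / (sum(row.values()) + self.alpha * len(self.vocab))

    def score(self, stream):
        """Average log-probability per transition; lower means less like benign traffic."""
        pairs = list(zip([START] + stream, stream + [END]))
        return sum(math.log(self.transition_prob(p, n)) for p, n in pairs) / len(pairs)

    def is_suspicious(self, stream, threshold=-1.5):
        # The threshold is a constructed value; in practice it is tuned on held-out benign data.
        return self.score(stream) < threshold
```

A deployment would hook the stream's class-resolution step (for example an ObjectInputStream filter) and reject the stream once its running score drops below the tuned threshold, rather than scoring only after the whole graph has been read.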
Keywords: Deserialization, Markov chains, Runtime protection