The damage caused by the Heartbleed security bug is incalculable. Buffer overreads can expose any data in a system's memory, from confidential patient information to banking records to private encryption keys. It is difficult to detect when an attack has been successful or what data may have been exposed without having logs of every packet sent in or out of a system. We propose a method to help reduce the impact should an attacker successfully launch a buffer overread attack.

Authors: Fred Rosenberger, Aspen Olmsted

Published in: World Congress on Internet Security (WorldCIS-2022)

  • Date of Conference: 6-8 December 2022
  • DOI: 10.20533/WorldCIS.2022.0002
  • ISBN: 978-1-913572-56-3
  • Conference Location: London, UK