Abstract :
In the paper we have considered the main methods of buffer overflows, mitigation strategies, and their influence on the memory consumption. The analysis of various methods of stack protection has given us an estimate of the additional memory required for the implementation of specific techniques. The size of the additional memory depends on many factors including computer architecture, OS environment, programming languages used to create the program. For the protection methods considered in the paper, the cost may vary from the insignificant amount for prevention purposes, based on the careful analysis of input data in the program, to the use of Guard Pages when extra memory may include additional pages of the memory. In many cases developers have to use various mitigation strategies in order to make programs less vulnerable to buffer overflows. The main contribution of this paper is the analysis and evaluation of the additional memory required for the various methods of protection from buffer overflow. The current paper allows readers to understand the cost of these methods more clearly, which, in turn, will result in more efficient and secure programs. The results of this paper are useful for both software developers and the instructors who teach methods of secure programming.
Keywords :
buffer storage; computer architecture; operating systems (computers); programming languages; OS environment; buffer overflow; computer architecture; extra memory; guard pages; memory consumption; mitigation strategy; prevention purpose; programming languages; protection method; secure programming; software developers; stack protection; Buffer overflows; Instruction sets; Libraries; Memory management; Security; buffer overflows; memory consumption; mitigation strategies;
