Title :
Detecting heap smashing attacks through fault containment wrappers
Author :
Fetzer, Christof ; Xiao, Zhen
Author_Institution :
AT&T Labs. Res., Florham Park, NJ, USA
Abstract :
Buffer overflow attacks are a major cause of security breaches in modern operating systems. Not only are overflows of buffers on the stack a security threat, overflows of buffers kept on the heap can be too. A malicious user might be able to hijack the control flow of a root-privileged program if the user can initiate an overflow of a buffer on the heap when this overflow overwrites a function pointer stored on the heap. The paper presents a fault-containment wrapper which provides effective and efficient protection against heap buffer overflows caused by C library functions. The wrapper intercepts every function call to the C library that can write to the heap and performs careful boundary checks before it calls the original function. This method is transparent to existing programs and does not require source code modification or recompilation. Experimental results on Linux machines indicate that the performance overhead is small
Keywords :
C language; buffer storage; computer crime; operating systems (computers); program diagnostics; software libraries; C library functions; Linux machines; boundary checks; buffer overflow attacks; control flow; fault containment wrappers; fault-containment wrapper; function call; function pointer; heap buffer overflows; heap smashing attack detection; malicious user; modern operating systems; performance overhead; root-privileged program; security breaches; security threat; Buffer overflow; Buffer storage; Debugging; Fault detection; Fault tolerant systems; Libraries; Linux; Operating systems; Protection; Security;
Conference_Titel :
Reliable Distributed Systems, 2001. Proceedings. 20th IEEE Symposium on
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-1366-2
DOI :
10.1109/RELDIS.2001.969756
