DocumentCode :
2038908
Title :
SecureC: control-flow protection against general buffer overflow attack
Author :
Nishiyama, Hiroyasu
Author_Institution :
Syst. Dev. Lab., HITACHI, Ltd., Kawasaki, Japan
Volume :
1
fYear :
2005
fDate :
26-28 July 2005
Firstpage :
149
Abstract :
Increasing damage from computer virus or worms creating significant problems worldwide. These malicious programs take advantage of computer vulnerabilities to distort the control-flow of the target system. Among these vulnerabilities, buffer overflow is most frequently used as a means of intrusion. To protect against buffer overflow attacks, we have developed a source-to-source translator called SecureC. It incorporates two novel protection methods, "shadow stack" and "code pointer protection" that prevent control-flow transfer caused by buffer overflow attacks. Evaluation using 11 SPEC CPU2000 benchmark programs showed that SecureC prevents buffer overflow attacks with only 6.1% performance penalty.
Keywords :
C language; buffer storage; computer viruses; data flow analysis; virtual storage; SPEC CPU2000 benchmark programs; SecureC; buffer overflow attack; code pointer protection; computer virus; computer vulnerability; computer worms; control-flow distortion; control-flow protection; control-flow transfer; intrusion; malicious programs; shadow stack; source-to-source translator;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Software and Applications Conference, 2005. COMPSAC 2005. 29th Annual International
ISSN :
0730-3157
Print_ISBN :
0-7695-2413-3
Type :
conf
DOI :
10.1109/COMPSAC.2005.136
Filename :
1510012
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2038908
بازگشت