Title :
A Segment-based Approach of Defending Against Buffer Overflow Attacks
Author :
Tan, Yu-An ; Zheng, Ji-Yan ; Cao, Yuan-Da
Author_Institution :
Beijing Institute of Technology, China
Abstract :
Buffer overflows remain the leading cause of software vulnerabilities in the world of information security. The proposed segment-based non-executable stack approach aims to prevent the injection and execution of arbitrary code in an existing process´s stack space under Windows NT/2000 and Intel 32-bit CPUs. The application´s user-mode stack is relocated to the higher address and the effective limit of the code segment excludes the relocated stack from the code segment. The segmentation logic of IA-32 processors monitors the accesses to the memory ranges and a page fault is generated if instruction fetches are initiated in the stack memory pages. It is highly effective in preventing both known and yet unknown stack smashing attacks.
Keywords :
Buffer overflow; Computer science; Explosives; Information security; Internet; Kernel; Libraries; Logic; Protection; Space technology;
Conference_Titel :
Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
Print_ISBN :
0-7695-2405-2
DOI :
10.1109/PDCAT.2005.47
