Title :
Run-time detection of buffer overflow attacks without explicit sensor data objects
Author :
Pyo, Changwoo ; Bae, Byungchul ; Kim, Taejin ; Lee, Gyungho
Author_Institution :
Hongik Univ., Seoul, South Korea
Abstract :
This paper presents two schemes for detecting buffer overflow attacks at run-time. One is sensor embedding, which hides sensor data objects inside code pointers, and the other, stack frame inversion checking, which detects attacks by inspecting processor registers. Our methods make it difficult for attackers to guess the locations of sensors so that they cannot easily bypass sensors when they attempt to access code pointers. We have implemented the schemes by extending the GCC toolchain. Experimental data shows that our schemes provide programs with powerful detection and protection capabilities at the reasonable sacrifice of execution efficiency. Operating systems would improve on the defense against buffer overflow attacks by using our toolchain when they are built.
Keywords :
buffer storage; operating systems (computers); security of data; sensor fusion; storage allocation; system monitoring; GCC toolchain; access code pointers; buffer overflow attack; operating systems; processor register inspection; run-time detection; sensor data objects; sensor embedding; stack frame inversion checking; Buffer overflow; Computer crashes; Counting circuits; Internet; National security; Object detection; Operating systems; Power system protection; Registers; Runtime;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286425
