Run-time detection of buffer overflow attacks without explicit sensor data objects

Author

Pyo, Changwoo ; Bae, Byungchul ; Kim, Taejin ; Lee, Gyungho

Author_Institution

Hongik Univ., Seoul, South Korea

Volume

1

fYear

2004

fDate

5-7 April 2004

Firstpage

50

Abstract

This paper presents two schemes for detecting buffer overflow attacks at run-time. One is sensor embedding, which hides sensor data objects inside code pointers, and the other, stack frame inversion checking, which detects attacks by inspecting processor registers. Our methods make it difficult for attackers to guess the locations of sensors so that they cannot easily bypass sensors when they attempt to access code pointers. We have implemented the schemes by extending the GCC toolchain. Experimental data shows that our schemes provide programs with powerful detection and protection capabilities at the reasonable sacrifice of execution efficiency. Operating systems would improve on the defense against buffer overflow attacks by using our toolchain when they are built.

Keywords

buffer storage; operating systems (computers); security of data; sensor fusion; storage allocation; system monitoring; GCC toolchain; access code pointers; buffer overflow attack; operating systems; processor register inspection; run-time detection; sensor data objects; sensor embedding; stack frame inversion checking; Buffer overflow; Computer crashes; Counting circuits; Internet; National security; Object detection; Operating systems; Power system protection; Registers; Runtime;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on

Print_ISBN

0-7695-2108-8

Type

conf

DOI

10.1109/ITCC.2004.1286425

Filename

1286425