Encoding function pointers and memory arrangement checking against buffer overflow attack
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Pyo, C | - |
dc.contributor.author | Lee, G | - |
dc.date.accessioned | 2022-04-11T03:42:01Z | - |
dc.date.available | 2022-04-11T03:42:01Z | - |
dc.date.created | 2022-04-11 | - |
dc.date.issued | 2002 | - |
dc.identifier.issn | 0302-9743 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/hongik/handle/2020.sw.hongik/27158 | - |
dc.description.abstract | Program counter is the only mechanism for processor to access instruction to execute. Protecting program counter is the fundamental defense for securing computer system. This paper presents a scheme of protecting program counter by encoding function pointers. In the scheme, every function address is encoded by linker. Compiler inserts instructions for decoding function addresses before call instruction. Encoding code pointers, function addresses as well as return addresses in stack frame, provides substantial coverage of protecting program counter. Several suggestions are also made to detect compromised code pointers at run-time without memory space for sensor mechanism. A demo Linux system has been under construction with the proposed scheme. Experimental data shows performance slowdown less than 10% when all return addresses and function addresses are encoded. With a Pentium III processor of 866MHz, the overhead for each function call is on the order of nanoseconds. We plan to migrate parts of our code pointer encoding scheme from linker to dynamic linker, which should improve security and performance. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | SPRINGER-VERLAG BERLIN | - |
dc.title | Encoding function pointers and memory arrangement checking against buffer overflow attack | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Pyo, C | - |
dc.identifier.wosid | 000182802800003 | - |
dc.identifier.bibliographicCitation | INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS, v.2513, pp.25 - 36 | - |
dc.relation.isPartOf | INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS | - |
dc.citation.title | INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS | - |
dc.citation.volume | 2513 | - |
dc.citation.startPage | 25 | - |
dc.citation.endPage | 36 | - |
dc.type.rims | ART | - |
dc.type.docType | Article; Proceedings Paper | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Theory & Methods | - |
dc.subject.keywordAuthor | buffer overflow attack | - |
dc.subject.keywordAuthor | program counter | - |
dc.subject.keywordAuthor | function pointer encoding | - |
dc.subject.keywordAuthor | memory arrangement checking | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
94, Wausan-ro, Mapo-gu, Seoul, 04066, Korea02-320-1314
COPYRIGHT 2020 HONGIK UNIVERSITY. ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.