Run-time detection of buffer overflow attacks without explicit sensor data objects
- Authors
- Pyo, C; Kim, T; Bae, B; Lee, G
- Issue Date
- 2004
- Publisher
- IEEE COMPUTER SOC
- Citation
- ITCC 2004: INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: CODING AND COMPUTING, VOL 1, PROCEEDINGS, pp.50 - 54
- Journal Title
- ITCC 2004: INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: CODING AND COMPUTING, VOL 1, PROCEEDINGS
- Start Page
- 50
- End Page
- 54
- URI
- https://scholarworks.bwise.kr/hongik/handle/2020.sw.hongik/30066
- Abstract
- This paper presents two schemes for detecting buffer overflow attacks at run-time. One is sensor embedding, which hides sensor data objects inside code pointers, and the other stack frame inversion checking, which detects attacks by inspecting processor registers. Our methods make it difficult for attackers to guess the locations of sensors so that they cannot easily bypass sensors when they attempt to access code pointers. We have implemented the schemes by extending the GCC toolchain. Experimental data shows that our schemes provide programs with powerful detection and protection capabilities at the reasonable sacrifice of execution efficiency. Operating systems would improve on the defense against buffer overflow attacks by using our toolchain when they are built.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - ETC > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholarworks.bwise.kr/hongik/handle/2020.sw.hongik/30066)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.