Title :
Protecting Global and Static Variables from Buffer Overflow Attacks
Author :
Younan, Yves ; Piessens, Frank ; Joosen, Wouter
Author_Institution :
Dept. of Comput. Sci., Katholieke Univ. Leuven, Leuven
Abstract :
Many countermeasures exist to protect the stack and heap from code injection attacks, however very few countermeasures exist that will specifically protect global and static variables from attack. In this paper we suggest a way of protecting global and static variables from these type of attacks, with negligible performance and memory overheads. Our approach is based on the idea of separating data in de data segment based on its type. These separated areas are then protected from each other by a guard page. This prevents a buffer overflow from overwriting data or code pointers, in turn preventing attackers from being able to perform a code injection attack.
Keywords :
buffer storage; security of data; storage management; buffer overflow attack; code injection attack; code pointer; data segment; heap-based overflow; memory overhead; protect global variable; stack-based overflow; static variable; Availability; Buffer overflow; Computer science; Computer security; Data security; Gain control; Joining processes; Operating systems; Programming profession; Protection; C/C++; buffer overflows; countermeasure; data and bss;
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
DOI :
10.1109/ARES.2009.126
