Title :
Buffer-Overflow Protection: The Theory
Author :
Piromsopa, Krerk ; Enbody, Richard J.
Author_Institution :
Dept. of Comput. Sci. & Eng., Michigan State Univ.
Abstract :
We propose a framework for protecting against buffer overflow attacks $the oldest and most pervasive attack technique. The malicious nature of buffer-overflow attacks is the use of external data (input) as addresses (or control data). With this observation, we establish a sufficient condition for preventing buffer-overflow attacks and prove that it creates a secure system with respect to buffer-overflow attacks. The underlying concept is that input is untrustworthy, and should not be use as addresses (return addresses and function pointers). If input can be identified, buffer-overflow attacks can be caught. We used this framework to create an effective, hardware, buffer-overflow prevention tool
Keywords :
buffer circuits; security of data; buffer overflow attacks; buffer-overflow protection; computer security; control data; function pointers; function-pointer attacks; intrusion detection; intrusion prevention; return addresses; Buffer overflow; Buffer storage; Computer science; Computer security; Computer worms; Hardware; Intrusion detection; Programming profession; Protection; Sufficient conditions; Buffer overflow; Buffer-Overflow Attacks; Computer security; Function-Pointer Attacks; Intrusion Detection; Intrusion Prevention;
Conference_Titel :
Electro/information Technology, 2006 IEEE International Conference on
Conference_Location :
East Lansing, MI
Print_ISBN :
0-7803-9592-1
Electronic_ISBN :
0-7803-9593-X
DOI :
10.1109/EIT.2006.252128
