Title :
Efficient array & pointer bound checking against buffer overflow attacks via hardware/software
Author :
Shao, Zili ; Xue, Chun ; Zhuge, Qingfeng ; Sha, Edwin H M ; Xiao, Bin
Author_Institution :
Dept. of Comput. Sci., Texas Univ., Dallas, TX, USA
Abstract :
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However; original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
Keywords :
buffer storage; optimising compilers; security of data; array bound checking; buffer overflow attack; pointer bound checking; write operation; Buffer overflow; Computer bugs; Computer science; Computer security; Computer worms; Hardware; Optimization methods; Protection; Read-write memory; Runtime;
Conference_Titel :
Information Technology: Coding and Computing, 2005. ITCC 2005. International Conference on
Print_ISBN :
0-7695-2315-3
DOI :
10.1109/ITCC.2005.140
