A processor architecture defense against buffer overflow attacks Export

@inproceedings{mcgregor03, abstract = {Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to applications, compilers, and operating systems. Despite the availability of these defenses, many systems remain vulnerable to buffer overflow attacks. We present a hardware-based solution that prevents buffer overflow attacks involving procedure return address corruption. We add a secure return address stack to the processor that provides built-in, dynamic protection against return address tampering without requiring any effort by users or application programmers. Also, the performance impact is negligible for most applications. Changes are not required of application source code, so both legacy and future software can enjoy the security benefits of this solution.}, author = {Mcgregor, J. and Karig, D. and Shi, Z. and Lee, R.}, citeulike-article-id = {104064}, citeulike-linkout-0 = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1270612}, journal = {Information Technology: Research and Education, 2003. Proceedings. ITRE2003. International Conference on}, keywords = {buffer\_overrun, security}, pages = {243--250}, posted-at = {2007-11-11 11:51:29}, priority = {0}, title = {A processor architecture defense against buffer overflow attacks}, url = {http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1270612}, year = {2003} }

TY - CONF ID - mcgregor03 L3 - citeulike-article-id:104064 N2 - Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to applications, compilers, and operating systems. Despite the availability of these defenses, many systems remain vulnerable to buffer overflow attacks. We present a hardware-based solution that prevents buffer overflow attacks involving procedure return address corruption. We add a secure return address stack to the processor that provides built-in, dynamic protection against return address tampering without requiring any effort by users or application programmers. Also, the performance impact is negligible for most applications. Changes are not required of application source code, so both legacy and future software can enjoy the security benefits of this solution. JF - Information Technology: Research and Education, 2003. Proceedings. ITRE2003. International Conference on EP - 250 TI - A processor architecture defense against buffer overflow attacks SP - 243 KW - buffer_overrun KW - security AU - Mcgregor, J AU - Karig, D AU - Shi, Z AU - Lee, R PY - 2003/// UR - http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1270612 ER -