HeapDefender: A Mechanism of Defending Embedded Systems against Heap Overflow via Hardware

Buffer overflow attacks have been causing serious security problems for decades. While numerous approaches have been proposed to prevent stack overflows, heap overflows remain a security threat and a frequent source of bugs. Embedded systems are easily targeted by heap overflow attacks. In this paper, based on an instruction-level analysis of the security of an embedded processor, we propose a hardware defense mechanism, Heap Defender, which aims to detect heap buffer overflow attacks. Heap Defender is a hardware module located inside the embedded processor; it neither modifies the program nor breaks pipeline integrity. Heap Defender parses instructions in parallel with, and synchronized to, the CPU pipeline, so it adds little performance overhead. In an FPGA (Field Programmable Gate Array) prototype, the experimental results show that Heap Defender can effectively detect heap buffer overflow attacks with around 15% hardware cost overhead and only 0.1% performance penalty.
