论文信息 - Hardware-Enforced Protection Against Buffer Overflow Using Masked Program Counter

Hardware-Enforced Protection Against Buffer Overflow Using Masked Program Counter

The threat based on Buffer Overflow is one of the main software vulnerability which is exploited by many viruses and cyber attacks. A buffer overflow overwrites the return address to the parent program of a subroutine. To counter it, we propose in this paper to mask on-the-fly this return address by slightly modifying the processor architecture. We show that the hardware overhead, as well as software modification, is very small. The efficiency has been demonstrated on a bare metal program running on a Leon 3 processor. This paper also shows the limitation when using a real OS.

Sylvain Guilley | Jean-Luc Danger | Florian Praden | Thibault Porteboeuf | Michaël Timbert

[1] Hovav Shacham,et al. On the effectiveness of address-space randomization , 2004, CCS '04.

[2] Zhenkai Liang,et al. Jump-oriented programming: a new class of code-reuse attack , 2011, ASIACCS '11.

[3] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.

[4] Michael Shuey,et al. StackGhost: Hardware Facilitated Stack Protection , 2001, USENIX Security Symposium.

[5] Hovav Shacham,et al. When good instructions go bad: generalizing return-oriented programming to RISC , 2008, CCS.

[6] Christoforos E. Kozyrakis,et al. Real-World Buffer Overflow Protection for Userspace and Kernelspace , 2008, USENIX Security Symposium.

[7] Jonathan D. Pincus,et al. Beyond stack smashing: recent advances in exploiting buffer overruns , 2004, IEEE Security & Privacy Magazine.

[8] John Johansen,et al. PointGuard™: Protecting Pointers from Buffer Overflow Vulnerabilities , 2003, USENIX Security Symposium.

[9] Sotiris Ioannidis,et al. ASIST: architectural support for instruction set randomization , 2013, CCS.