A buffer overflow attack is perhaps the most common attack used to compromise the security of a host. This attack can be used to change the function return address and redirect execution to the attacker's code. We present a hardware-based solution, called SmashGuard, to protect against all known forms of attack on the function return addresses stored on the program stack. With each function call instruction, the current return address is pushed onto a hardware stack. A return instruction compares the address it is returning to with the return address on top of the hardware stack, and an exception is raised to signal a mismatch. Because the stack operations and checks are done in hardware in parallel with the usual execution of instructions, our best-performing implementation scheme has virtually no performance overhead (because we are modifying hardware, it is impossible to guarantee zero overhead without an actual hardware implementation). While previous software-based approaches' average performance degradation for the SPEC2000 benchmarks is only 2.8 percent, their worst-case degradation is up to 8.3 percent. Apart from the lack of robustness in performance, the software approaches' key disadvantages are less security coverage and the need for recompilation of applications. SmashGuard, on the other hand, is secure and does not require recompilation of applications.
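
The call/return check described above, modelled in software as an added example (not code from the paper or from the SmashGuard authors). The stack sizes, the 4-word callee buffer, the constructed addresses, and the names `cpu_t`, `do_call`, `do_ret` and `run_callee` are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_WORDS 64   /* simulated program stack, in words (assumed size) */
#define HW_DEPTH  16   /* hardware stack depth (assumed; spilling not modelled) */
#define BUF_WORDS 4    /* callee's local buffer (assumed size) */
enum { RET_OK = 0, RET_MISMATCH = 1 };

typedef struct {
    uint32_t mem[MEM_WORDS]; int sp;      /* writable program stack, grows down */
    uint32_t hw[HW_DEPTH];   int hw_top;  /* hardware stack, unreachable by stores */
} cpu_t;

void cpu_init(cpu_t *c) { memset(c, 0, sizeof *c); c->sp = MEM_WORDS; }

/* CALL: the return address goes to the program stack and the hardware stack. */
int do_call(cpu_t *c, uint32_t ret_addr) {
    if (c->sp == 0 || c->hw_top == HW_DEPTH) return -1;  /* a stack is full */
    c->mem[--c->sp] = ret_addr;
    c->hw[c->hw_top++] = ret_addr;
    return 0;
}

/* RET: compare the address popped from memory with the hardware copy. */
int do_ret(cpu_t *c, uint32_t *target) {
    if (c->hw_top == 0 || c->sp >= MEM_WORDS) return RET_MISMATCH; /* fail closed */
    uint32_t from_mem = c->mem[c->sp++];
    uint32_t from_hw  = c->hw[--c->hw_top];
    if (from_mem != from_hw) return RET_MISMATCH;  /* the exception in the text */
    *target = from_mem;
    return RET_OK;
}

/* Callee with an unchecked copy into its local buffer (the bug being modelled). */
int run_callee(cpu_t *c, const uint32_t *in, int len, uint32_t *target) {
    if (do_call(c, 0x1000u) != 0 || c->sp < BUF_WORDS) return RET_MISMATCH;
    c->sp -= BUF_WORDS;                  /* buffer sits just below the return slot */
    for (int i = 0; i < len && c->sp + i < MEM_WORDS; i++)
        c->mem[c->sp + i] = in[i];       /* word BUF_WORDS lands on the return slot */
    c->sp += BUF_WORDS;
    return do_ret(c, target);
}

int main(void) {
    uint32_t fits[4] = {1, 2, 3, 4}, spills[5] = {1, 2, 3, 4, 0xBAD0u}, t = 0;
    cpu_t c;
    cpu_init(&c); printf("in-bounds copy: %d\n", run_callee(&c, fits, 4, &t));
    cpu_init(&c); printf("overflowing copy: %d\n", run_callee(&c, spills, 5, &t));
    return 0;
}
```

The overflowing copy changes only the copy in writable memory; the hardware copy is untouched, so the comparison at return fails and control never reaches the overwritten address.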