Abstract
How to mitigate remote attacks that exploit buffer overflow vulnerabilities on the stack and enable attackers to take control of the program.
- Aleph One. Smashing the stack for fun and Profit. Phrack Magazine 7, 49 (Fall 1997); www.phrack.com/.Google Scholar
- Baratloo, A., Singh, N., and Tsai, T. Transparent fun-time defense against stack smashing attacks. In Proceedings of the 2000 USENIX Technical Conference (San Diego, CA, June 2000). Google ScholarDigital Library
- Chiueh, T. and Hsu, F.-H. RAD: A compile-time solution to buffer overflow attacks. In Proceedings of the 21st International Conference on Distributed Computing Systems (Mesa, AZ, Apr. 2001). Google ScholarDigital Library
- Cowan, C., Pu, C., Maier, D., Hinton, H., Bakke, P., Beattie, S., Grier, A., Wagle, P., and Zhang, Q. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the Seventh USENIX Security Conference (San Antonio, TX, Jan. 1998). Google ScholarDigital Library
- Jim, T., Morrisett, G., Grossman, D., Hicks, M., Cheney, J., and Wang, Y. Cyclone: A safe dialect of C. In Proceedings of the 2002 USENIX Annual Technical Conference (Monterey, CA, June 2002), 275--288; www.research.att.com/projects/cyclone/. Google ScholarDigital Library
- Kiriansky, V., Bruening, D., and Amarasinghe, S. Secure execution via program shepherding. In Proceedings of the 11th USENIX Security Symposium (Aug. 2002). Google ScholarDigital Library
- Larochelle, D. and Evans, D. Statically detecting likely buffer overflow vulnerabilities. In Proceedings of the 2001 USENIX Security Symposium (Aug. 2001). Google ScholarDigital Library
- Necula, G. Proof-carrying code. In Proceedings of the 24th ACM Symposium on Principles of Programming Languages (Jan. 1997), 106--119. Google ScholarDigital Library
- Newsham, T. Format String Attacks. White paper, Guardent, Inc., Sept. 2000; www.lava.net/~newsham/format-string-attacks.pdf.Google Scholar
- Ozdoganoglu, H., Brodley, C., Vijaykumar, T., Jalote, A., and Kuperman, B. SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address. Tech. Rep. TR-ECE 03-13, Purdue University School of Electrical and Computer Engineering, Nov. 2003; www.smashguard.org/.Google Scholar
- Prasad, M. and Chiueh, T. A binary rewriting defense against stack-based buffer overflow attacks. In Proceedings of the 2003 USENIX Annual Technical Conference (San Antonio, TX, June 2003).Google Scholar
- Xu, J., Kalbarczyk, Z., Patel, S., and Iyer, R. Architecture support for defending against buffer overflow attacks. In Proceedings of the 2002 Workshop on Evaluating and Architecting System dependabilitY (EASY-2002) (University of Illinois at Urbana-Champaign, Oct. 2002).Google Scholar
Index Terms
- Detection and prevention of stack buffer overflow attacks
Recommendations
Microarchitectural Protection Against Stack-Based Buffer Overflow Attacks
Although researchers have proposed several software approaches to preventing buffer overflow attacks, adversaries still extensively exploit this vulnerability. A microarchitecture-based, software-transparent mechanism offers protection against stack-...
Monitoring Buffer Overflow Attacks: A Perennial Task
Buffer overflow BOF is a well-known, and one of the worst and oldest, vulnerabilities in programs. BOF attacks overwrite data buffers and introduce wide ranges of attacks like execution of arbitrary injected code. Many approaches are applied to mitigate ...
Comments