TY - GEN
T1 - A processor architecture defense against buffer overflow attacks
AU - McGregor, John P.
AU - Karig, David K.
AU - Shi, Zhijie
AU - Lee, Ruby B.
PY - 2003
Y1 - 2003
N2 - Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to applications, compilers, and operating systems. Despite the availability of these defenses, many systems remain vulnerable to buffer overflow attacks. In this paper, we present a hardware-based solution that prevents buffer overflow attacks involving procedure return address corruption. We add a secure return address stack to the processor that provides built-in, dynamic protection against return address tampering without requiring any effort by users or application programmers. Also, the performance impact is negligible for most applications. Changes are not required of application source code, so both legacy and future software can enjoy the security benefits of this solution.
AB - Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to applications, compilers, and operating systems. Despite the availability of these defenses, many systems remain vulnerable to buffer overflow attacks. In this paper, we present a hardware-based solution that prevents buffer overflow attacks involving procedure return address corruption. We add a secure return address stack to the processor that provides built-in, dynamic protection against return address tampering without requiring any effort by users or application programmers. Also, the performance impact is negligible for most applications. Changes are not required of application source code, so both legacy and future software can enjoy the security benefits of this solution.
KW - Buffer overflow
KW - Computer security
KW - Network security
KW - Processor architecture
KW - Return address corruption
UR - http://www.scopus.com/inward/record.url?scp=50249180640&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=50249180640&partnerID=8YFLogxK
U2 - 10.1109/ITRE.2003.1270612
DO - 10.1109/ITRE.2003.1270612
M3 - Conference contribution
AN - SCOPUS:50249180640
SN - 0780377249
SN - 9780780377240
T3 - Proceedings, ITRE 2003 - International Conference on Information Technology: Research and Education
SP - 243
EP - 250
BT - Proceedings, ITRE 2003 - International Conference on Information Technology
T2 - 2003 International Conference on Information Technology: Research and Education, ITRE 2003
Y2 - 11 August 2003 through 13 August 2003
ER -