A processor architecture defense against buffer overflow attacks

John P. McGregor, David K. Karig, Zhijie Shi, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

51 Scopus citations

Abstract

Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to applications, compilers, and operating systems. Despite the availability of these defenses, many systems remain vulnerable to buffer overflow attacks. In this paper, we present a hardware-based solution that prevents buffer overflow attacks involving procedure return address corruption. We add a secure return address stack to the processor that provides built-in, dynamic protection against return address tampering without requiring any effort by users or application programmers. Also, the performance impact is negligible for most applications. Changes are not required of application source code, so both legacy and future software can enjoy the security benefits of this solution.

Original languageEnglish (US)
Title of host publicationProceedings, ITRE 2003 - International Conference on Information Technology
Subtitle of host publicationResearch and Education
Pages243-250
Number of pages8
DOIs
StatePublished - 2003
Event2003 International Conference on Information Technology: Research and Education, ITRE 2003 - Newark, NJ, United States
Duration: Aug 11 2003Aug 13 2003

Publication series

NameProceedings, ITRE 2003 - International Conference on Information Technology: Research and Education

Other

Other2003 International Conference on Information Technology: Research and Education, ITRE 2003
Country/TerritoryUnited States
CityNewark, NJ
Period8/11/038/13/03

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Education

Keywords

  • Buffer overflow
  • Computer security
  • Network security
  • Processor architecture
  • Return address corruption

Fingerprint

Dive into the research topics of 'A processor architecture defense against buffer overflow attacks'. Together they form a unique fingerprint.

Cite this