Secure Cache: Run-Time Detection and Prevention of Buffer Overflow Attacks
نویسنده
چکیده
This paper shows a novel cache architecture, called SCache, to detect and prevent buffer-overflow attacks at run time. A number of malicious codes exploit buffer-overflow vulnerability to alter a return-address value and hijack the program-execution control. In order to solve the security issue, SCache generates replica cache lines on each return-address store, and compares the original value loaded from the memory stack with the replica one on the corresponding return-address load. The number and the placement policy of the replica line strongly affect both performance and vulnerability. In our evaluation, it has been observed that SCache can protect more than 99.3% of return-address loads from buffer-overflow attacks, while it causes negligible performance overhead.
منابع مشابه
Web Browser Security: Different Attacks Detection and Prevention Techniques
In this paper, we present a systematic study of how to make a browser secure. Web browser is vulnerable to different attacks; these attacks are performed due to vulnerabilities in the UI of the web page, Browser cache memory, extensions, plug-in. The Attacker can run malicious JavaScript to exploit user system by using these vulnerabilities. Buffer overflow attack, Cross-site-scripting, Man-in-...
متن کاملMemory-Size-Assisted Buffer Overflow Detection
-Since the first buffer overflow problem occurred, many detection techniques have been presented. These techniques are effective in detecting most attacks, but some attacks still remain undetected. In order to be more effective, a memory-size-assisted buffer overflow detection(MBOD) is presented. The key feature of buffer overflow is that the size of the source memory is bigger than the size of...
متن کاملType-Assisted Dynamic Buffer Overflow Detection
Programs written in C are inherently vulnerable to buffer overflow attacks. Functions are frequently passed pointers as parameters without any hint of their sizes. Since their sizes are unknown, most run time buffer overflow detection techniques instead rely on signatures of known attacks or loosely estimate the range of the referenced buffers. Although they are effective in detecting most atta...
متن کاملAnnouncing the Final Examination of Jingfei Kong for the degree of Doctor of Philosophy Time & Location: June 18, 2010 at 2:00 PM in HEC 302 Title: ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY
We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as cost efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes ...
متن کاملAnnouncing the Final Examination of Jingfei Kong for the degree of Doctor of Philosophy Time & Location: June 18, 2010 at 2:00 PM in HEC 302 Title: ARCHITECTURAL SUPPORT FOR IMPROVING COMPUTER SECURITY
We propose several methods to improve computer security and privacy from architectural point of view. They provide strong protection as well as cost efficiency. In our first approach, we propose a new dynamic information flow method to protect systems from popular software attacks such as buffer overflow and format string attacks. In our second approach, we propose to deploy encryption schemes ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005