Advertisement

Hardware Stack Design: Towards an Effective Defence Against Frame Pointer Overwrite Attacks

  • Yongsu Park
  • Younho Lee
  • Heeyoul Kim
  • Gil-Joo Lee
  • Il-Hee Kim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4266)

Abstract

Currently, a buffer overflow attack is one of the most serious and widely utilized assaults in computer systems. Defense methods against this attack can be classified as three: compiler modification, system software modification, and hardware modification. Among them, most of the cases, hardware modification methods aim at detecting or tolerating alternation of return addresses in the memory stack. However, to the best of our knowledge, the previous methods cannot defend against frame pointer overwrite attacks, where an adversary can control the execution at his/her will by modifying the saved frame pointers in the stack. In this paper, we present a new reliable hardware stack to detect alternation of saved frame pointers as well as return addresses. We show that the proposed method can defend against both frame pointer overwrite attacks and stack smashing attacks.

Keywords

computer security buffer overflow attack computer architecture 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Barrantes, G., Ackley, D.H., Forrest, S., Palmer, T.S., Stefanovic, D., Zovi, D.D.: Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks. In: 10th ACM Conference on Computer and Communication Security, pp. 281–289 (October 2003)Google Scholar
  2. 2.
    Bhatkar, S., DuVarney, D.C., Sekar, R.: Address Obfuscation: an Efficient Approach to Combat a Broad Range of Memory Error Exploits. In: 12th USENIX Security Symposium, pp. 105–120 (August 2003)Google Scholar
  3. 3.
    NX bit. from wikipidia, free enclopedia, avaliable at: http://en.wikipedia.org/wiki/NX_bit
  4. 4.
    Cowan, C., Beattie, S., Johansen, J., Wagle, P.: PointGuard: Protecting Pointers From Buffer Overflow Vulnerabilities. In: 12th USENIX Security Symposium, pp. 91–104 (August 2003)Google Scholar
  5. 5.
    Cowan, C., Pu, C., Maier, D., Walpole, J., Bakke, P., Beattie, S.: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-overflow Attacks. In: 7th USENIX Security Symposium, pp. 63–78 (January 1998)Google Scholar
  6. 6.
    klog: The Frame Pointer Overwrite. Phrack Magazine 9(5) (1999)Google Scholar
  7. 7.
    Lee, R.B., Kang, D.K., McGregor, J.P., Shi, Z.: Enlisting Hardware Architecture to Thwart Malicious Code Injection. In: International Conference on Security in Pervasive Computing (2003)Google Scholar
  8. 8.
    Newsharm, T.: Format String Attacks, GUARDENT Technical Report (2000)Google Scholar
  9. 9.
    Aleph One. Smasing The Stack For Fun And Profit. Phrack 49, File 14 of 16 (1996)Google Scholar
  10. 10.
    Ozdoganoglu, H., Vijaykumar, T.N., Jalote, C.A. et al.: SmashGuard: A Hardware Solution to Prevent Security Attacks on the Function Return Address. Technical report, TR-ECE-03-13, Purdue University, School of ECE (2003)Google Scholar
  11. 11.
    PaX team. The PaX Project (2001), avaliable at: http://pageexec.virtualave.net
  12. 12.
    Xu, J., Kalbarczyk, Z., Partel, S., Iyar, R.K.: An Architecture Support for Defending Against Buffer Overflow Attacks. In: Workshop on Evaluating and Architecting System Dependability (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yongsu Park
    • 1
  • Younho Lee
    • 2
  • Heeyoul Kim
    • 2
  • Gil-Joo Lee
    • 1
  • Il-Hee Kim
    • 1
  1. 1.The College of Information and CommunicationsHanyang UniversitySeoulKorea
  2. 2.Division of Computer Science, Department of Electrical Engineering and Computer ScienceKorea Advanced Institute of Science and Technology (KAIST)DaejeonKorea

Personalised recommendations