Security protection and checking in embedded system integration against buffer overflow attacks

International Conference on Information Technology: Coding Computing, ITCC

Volumn 1, Issue , 2004, Pages 409-413

  Shao, Zili ^a   Xue, Chun ^a   Zhuge, Qingfeng ^a   Sha, Edwin H M ^a   Xiao, Bin ^b  

^a The University of Texas at Dallas   (United States)

^b HONG KONG POLYTECHNIC UNIVERSITY   (Hong Kong)

Author keywords

[No Author keywords available]

Indexed keywords

BUFFER STORAGE; C (PROGRAMMING LANGUAGE); CODES (SYMBOLS); COMPUTER CRIME; COMPUTER HARDWARE; COMPUTER NETWORKS; COMPUTER SOFTWARE; SECURITY OF DATA; SOFTWARE ENGINEERING;

BUFFER OVERFLOW ATTACTS; FUNCTION POINTER ATTACKS; HSDEFENDER (HARDWARE/SOFTWARE DEFENDER); SOURCE CODES;

EMBEDDED SYSTEMS;

EID: 3042590891     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (11)

1. T. M. Austin, E. B. Scott, and S. S. Gurindar. Efficient detection of all pointer and array access errors. In Proceedings of the ACM SIGPLAN '94 Conference on Programming Language Design and Implementation, pages 290-301, June 1994.
2. S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In the 12th USENIX Security Symposium, pages 105-120, August 2003.
3. C. Cowan, S. Beattie, J. Johansen, and P. Wagle. Pointguard: Protecting pointers from buffer-overflow vulnerabilities. In Proc. of the USENIX Security Symposium, August 2003.
4. C. Cowan, C. Pu, D. Maier, H. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grie, P. Wagle, and Q. Zhang. Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. of the USENIX Security Symposium, January 1998.
5. M. R. Guthaus, J. S. Ringenberg, D. Ernst, T. M. Austin, T. Mudge, and R. B. Brown. Mibench: A free, commercially representative embedded benchmark suite. In IEEE 4th Annual Workshop on Workload Characterization, Austin, TX, December 2001.
6. E. Haugh and M. Bishop. Testing c programs for buffer overflow vulnerabilities. In Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, February 2003.
7. S. LLC. SimpleScalor/ARM. World Wide Web, http://www.eecs.umich.edu/ taustin/code/arm/simplesim-arm-0.2.tar.gz.
8. D. A. Patterson and J. L. Hennessy. Computer Architecture: A Quantitative Approach. Morgan Kaufmann Publisher, 1996.
9. G. Richarte. Four different tricks to bypass stackshield and stackguard protection. World Wide Web, http://www1.corest.com/files/files/11/ StackGuardPaper.pdf, April 2002.
10. Z. Shao, Q. Zhuge, Y. He, and E. H.-M. Sha. Defending embedded systems against buffer overflow via hardware/software. In IEEE 19th Annual Computer Security Applications Conference, pages 352-361, Las Vegas, Dec. 2003.
11. D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium, pages 3-17, San Diego, CA, February 2000.