Extended protection against stack smashing attacks without performance loss

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2006, Pages 429-438

  Younan, Yves ^a   Pozza, Davide ^b   Piessens, Frank ^a   Joosen, Wouter ^a  

^a UNIVERSITY OF LEUVEN   (Belgium)

^b POLITECNICO DI TORINO   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER OPERATING SYSTEMS; PROGRAM COMPILERS;

ATTACK VECTOR; LINUX; SMASHING ATTACKS;

INTRUSION DETECTION;

EID: 39049133983     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2006.27     Document Type: Conference Paper

References (35)

1. M. Abadi, M. Budiu, U. Erlingsson, and J. Ligatti. Control-flow integrity. In Proc. of the 12th ACM Conf. on Computer and Communications Security, Alexandria, VA, Nov. 2005.
2. Aleph One. Smashing the stack for fun and profit. Phrack, 49, 1996.
3. S. Alexander. Defeating compiler-level buffer overflow protection, ;login: The USENIX Magazine, 30(3), June 2005.
4. T. M. Austin, S. E. Breach, and G. S. Sohi. Efficient detection of all pointer and array access errors. In Proc. of the ACM SIGPLAN '94 Conf. on Programming Language Design and Implementation, Orlando, FL, June 1994.
5. A. Baratloo, N. Singh, and T. Tsai. Transparent run-time defense against stack smashing attacks. In USENIX 2000 Annual Technical Conf. Proc., San Diego, CA, June 2000.
6. E. G. Barrantes, D. H. Ackley, S. Forrest, T. S. Palmer, D. Stefanović, and D. D. Zovi. Randomized instruction set emulation to disrupt binary code injection attacks. In Proc. of the 10th ACM Conf. on Computer and Communications Security, Washington, DC, Oct. 2003.
7. S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In Proc. of the 12th USENIX Security Symp., Washington, DC, Aug. 2003.
8. Bulba and Kil3r. Bypassing Stackguard and stackshield. Phrack, 56, 2000.
9. S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Noncontrol-data attacks are realistic threats. In Proc. of the 14th USENIX Security Symp., Baltimore, MD, Aug. 2005.
10. T. Chiueh and F-H. Hsu. RAD: A compile-time solution to buffer overflow attacks. In Proc. of the 21st Int. Conf. on Distributed Computing Systems, Phoenix, AZ, Apr. 2001.
11. C. Cowan, S. Beattie, J. Johansen, and P. Wagle. Point-Guard: protecting pointers from buffer overflow vulnerabilities. In Proc. of the 12th USENIX Security Symp., Washington, DC, Aug. 2003.
12. C. Cowan, C. Pu, D. Maier, H. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. Stack-Guard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. of the 7th USENIX Security Symp., San Antonio, TX, Jan. 1998.
13. H. Etoh and K. Yoda. Protecting from stack-smashing attacks. Technical report, IBM Research Divison, Tokyo Research Laboratory, June 2000.
14. J. L. Henning. Spec cpu2000: Measuring cpu performance in the new millennium. Computer, 33(7), July 2000.
15. R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proc. of the 3rd Int. Workshop on Automatic Debugging, Linköping, Sweden, 1997.
16. G. S. Kc, A. D. Keromytis, and V. Prevelakis. Countering code-injection attacks with instruction-set randomization. In Proc. of the 10th ACM Conf. on Computer and Communications Security, Washington, DC, Oct. 2003.
17. S.C.Kendall. Bcc: Runtime checking for C programs. In Proc. of the USENIX Summer 1983 Conf., Toronto, ON, July 1983.
18. V. Kiriansky, D. Bruening, and S. Amarasinghe. Secure execution via program shepherding. In Proc. of the 11th USENIX Security Symp., San Francisco, CA, Aug. 2002.
19. klog. The frame pointer overwrite. Phrack, 55, 1999.
20. R. B. Lee, D. K. Karig, J. P. McGregor, and Z. Shi. Enlisting hardware architecture to thwart malicious code injection. In Proc. of the First Int. Conf. on Security in Pervasive Computing, volume 2802 of LNCS, 2003.
21. K.-S. Lhee and S. J. Chapin. Type-assisted dynamic buffer overflow detection. In Proc. of the 11th USENIX Security Symp., San Francisco, CA, Aug. 2002.
22. National Institute of Standards and Technology. National vulnerability database statistics, http://nvd.nist.gov/statistics.cfm.
23. Y. Oiwa, T. Sekiguchi, E. Sumii, and A. Yonezawa. Failsafe ANSI-C compiler: An approach to making C programs secure: Progress report. In Proc. of Int. Symp. on Software Security 2002, Tokyo, Japan, Nov. 2002.
24. O. Ruwase and M. S. Lam. A practical dynamic buffer overflow detector. In Proc. of the 11th Annual Network and Distributed System Security Symp., San Diego, CA, Feb. 2004.
25. H. Shacham, M. Page, B. Pfaff, E.-J. Goh, N. Modadugu, and D. Boneh. On the Effectiveness of Address-Space Randomization. In Proc. of the 11th ACM Conf. on Computer and communications security, Washington, DC, Oct. 2004.
26. Solar Designer. Non-executable stack patch, http://www.openwall.com.
27. N. Sovarel, D. Evans, and N. Paul. Where's the FEEB? the effectiveness of instruction set randomization. In Proc. of the 14th USENIX Security Symp., Baltimore, MD, Aug. 2005.
28. The PaX Team. Documentation for the PaX project, http://pageexec. virtualave.net/docs/.
29. Vendicator. Stack shield, http://www.angelf ire.com/sk/stackshield.
30. R. Wojtczuk. Defeating Solar Designer's Non-executable Stack Patch. Bugtraq mailinglist, 1998.
31. J. Xu, Z. Kalbarczyk, S. Patel, and K. I. Ravishankar. Architecture support for defending against buffer overflow attacks. In Second Workshop on Evaluating and Architecting System dependability, San Jose, CA, Oct. 2002.
32. W. Xu, D. C. DuVarney, and R. Sekar. An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs. In Proc. of the 12th ACM SIGSOFT Int. Symp. on Foundations of Software Engineering, Newport Beach, CA, October-November 2004.
33. Y. Younan, W. Joosen, and F Piessens. Code injection in C and C++ : A survey of vulnerabilities and countermeasures. Technical Report CW386, Departement Computerwetenschappen, Katholieke Universiteit Leuven, July 2004.
34. Y. Younan, W. Joosen, and F. Piessens. A methodology for designing countermeasures against current and future code injection attacks. In Proc. of the Third IEEE Int. Information Assurance Workshop 2005, College Park, MD, Mar. 2005.
35. Y. Younan, W. Joosen, and F. Piessens. Efficient protection against heap-based buffer overflows without resorting to magic. In Proc. of the Int. Conf. on Information and Communication Security, Raleigh, NC, Dec. 2006.