Abstract
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However, original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
Original language | English |
---|---|
Title of host publication | Proceedings ITCC 2005 - International Conference on Information Technology |
Subtitle of host publication | Coding and Computing |
Pages | 780-785 |
Number of pages | 6 |
Volume | 1 |
Publication status | Published - 21 Sep 2005 |
Event | ITCC 2005 - International Conference on Information Technology: Coding and Computing - Las Vegas, NV, United States Duration: 4 Apr 2005 → 6 Apr 2005 |
Conference
Conference | ITCC 2005 - International Conference on Information Technology: Coding and Computing |
---|---|
Country | United States |
City | Las Vegas, NV |
Period | 4/04/05 → 6/04/05 |
ASJC Scopus subject areas
- Engineering(all)