Abstract
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However, original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
| Original language | English |
|---|---|
| Title of host publication | Proceedings ITCC 2005 - International Conference on Information Technology |
| Subtitle of host publication | Coding and Computing |
| Pages | 780-785 |
| Number of pages | 6 |
| Volume | 1 |
| Publication status | Published - 21 Sep 2005 |
| Event | ITCC 2005 - International Conference on Information Technology: Coding and Computing - Las Vegas, NV, United States Duration: 4 Apr 2005 → 6 Apr 2005 |
Conference
| Conference | ITCC 2005 - International Conference on Information Technology: Coding and Computing |
|---|---|
| Country/Territory | United States |
| City | Las Vegas, NV |
| Period | 4/04/05 → 6/04/05 |
ASJC Scopus subject areas
- Engineering(all)