Efficient array & pointer bound checking against buffer overflow attacks via hardware/software

Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.M. Sha, Bin Xiao

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

3 Citations (Scopus)

Abstract

Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However, original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
Original languageEnglish
Title of host publicationProceedings ITCC 2005 - International Conference on Information Technology
Subtitle of host publicationCoding and Computing
Pages780-785
Number of pages6
Volume1
Publication statusPublished - 21 Sep 2005
EventITCC 2005 - International Conference on Information Technology: Coding and Computing - Las Vegas, NV, United States
Duration: 4 Apr 20056 Apr 2005

Conference

ConferenceITCC 2005 - International Conference on Information Technology: Coding and Computing
Country/TerritoryUnited States
CityLas Vegas, NV
Period4/04/056/04/05

ASJC Scopus subject areas

  • Engineering(all)

Cite this