Abstract
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However; original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
| Original language | English |
|---|---|
| Title of host publication | International Conference on Information Technology: Coding and Computing, 2005 : ITCC 2005, 4-6 April 2005 |
| Publisher | IEEE |
| Pages | 780-785 |
| Number of pages | 6 |
| ISBN (Print) | 0769523153 |
| DOIs | |
| Publication status | Published - 2005 |
| Event | International Conference on Information Technology, Coding and Computing [ITCC] - Duration: 1 Jan 2005 → … |
Conference
| Conference | International Conference on Information Technology, Coding and Computing [ITCC] |
|---|---|
| Period | 1/01/05 → … |
Keywords
- Buffer storage
- Optimising compilers
- Security of data