Abstract
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However; original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
Original language | English |
---|---|
Title of host publication | International Conference on Information Technology: Coding and Computing, 2005 : ITCC 2005, 4-6 April 2005 |
Publisher | IEEE |
Pages | 780-785 |
Number of pages | 6 |
ISBN (Print) | 0769523153 |
DOIs | |
Publication status | Published - 2005 |
Event | International Conference on Information Technology, Coding and Computing [ITCC] - Duration: 1 Jan 2005 → … |
Conference
Conference | International Conference on Information Technology, Coding and Computing [ITCC] |
---|---|
Period | 1/01/05 → … |
Keywords
- Buffer storage
- Optimising compilers
- Security of data