Abstract
Buffer overflow attacks cause serious security problems. Array & pointer bound checking is one of the most effective approaches for defending against buffer overflow attacks when source code is available. However, original array & pointer bound checking causes too much overhead since it is designed to catch memory errors and it puts too many checks. In this paper, we propose an efficient array & pointer bound checking strategy to defend against buffer overflow attacks. In our strategy, only the bounds of write operations are checked. We discuss the optimization strategy via hardware/software and conduct experiments. The experimental results show that our strategy can greatly reduce the overhead of array & pointer bound checking. Our conclusion is that based on our strategy, array & pointer bound checking can be a practical solution for defending systems against buffer overflow attacks with tolerable overhead.
| Original language | English |
|---|---|
| Title of host publication | International Conference on Information Technology: Coding and Computing, 2005 : ITCC 2005, 4-6 April 2005 |
| Subtitle of host publication | Coding and Computing |
| Publisher | IEEE |
| Pages | 780-785 |
| Number of pages | 6 |
| Volume | 1 |
| ISBN (Print) | 0769523153 |
| DOIs | |
| Publication status | Published - 21 Sept 2005 |
| Event | ITCC 2005 - International Conference on Information Technology: Coding and Computing - Las Vegas, NV, United States Duration: 4 Apr 2005 → 6 Apr 2005 |
Conference
| Conference | ITCC 2005 - International Conference on Information Technology: Coding and Computing |
|---|---|
| Country/Territory | United States |
| City | Las Vegas, NV |
| Period | 4/04/05 → 6/04/05 |
Keywords
- Buffer storage
- Optimising compilers
- Security of data
ASJC Scopus subject areas
- General Engineering