Security protection and checking in embedded system integration against buffer overflow attacks

Zili Shao, Chun Xue, Qingfeng Zhuge, Edwin H.M. Sha, Bin Xiao

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

10 Citations (Scopus)

Abstract

With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.
Original languageEnglish
Title of host publicationInternational Conferen ON Information Technology
Subtitle of host publicationCoding Computing, ITCC 2004
Pages409-413
Number of pages5
Volume1
Publication statusPublished - 7 Jul 2004
EventInternational Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States
Duration: 5 Apr 20047 Apr 2004

Conference

ConferenceInternational Conference on Information Technology: Coding Computing, ITCC 2004
Country/TerritoryUnited States
CityLas Vegas, NV
Period5/04/047/04/04

ASJC Scopus subject areas

  • Engineering(all)

Cite this