Abstract
With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.
Original language | English |
---|---|
Title of host publication | International Conferen ON Information Technology |
Subtitle of host publication | Coding Computing, ITCC 2004 |
Pages | 409-413 |
Number of pages | 5 |
Volume | 1 |
Publication status | Published - 7 Jul 2004 |
Event | International Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States Duration: 5 Apr 2004 → 7 Apr 2004 |
Conference
Conference | International Conference on Information Technology: Coding Computing, ITCC 2004 |
---|---|
Country/Territory | United States |
City | Las Vegas, NV |
Period | 5/04/04 → 7/04/04 |
ASJC Scopus subject areas
- General Engineering