StackOFFence: A technique for defending against buffer overflow attacks

Bharat B. Madan, Shashi Phoha, Kishor S. Trivedi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations

Abstract

Software coding practices, in the interest of efficiency, often ignore to enforce strict bound checking on buffers, arrays and pointers. This results in software code that is more vulnerable to security intrusions exploiting buffer overflow vulnerabilities. Unfortunately, such attacks form the most common type of security threats to the computer and information systems, making it imperative to find efficient solutions for the buffer overflow vulnerabilities. Typically, an attacker is able to affect a successful intrusion by causing buffer overflow in the stack frame of a function call, thereby causing the valid return address to get overwritten by a malicious value. This allows the attacker to redirect the return from a function call to a malicious piece of code introduced by the attacker. Depending on the nature of the malicious code, the attacker is able to compromise availability, integrity, or confidentiality of a system. Researchers have suggested transforming the return address or even using an entirely separate stack for managing the return addresses. This paper describes a simple technique that ensures the integrity of the return address by pushing on the stack two copies of the return address, a transformed (or encrypted) return address value along with the original one. Before popping the return address, two return address values are compared to detect any malicious activity, thus preventing the exploitation of the stack based buffer overflow vulnerabilities. The proposed modification may be implemented at the CPU architecture level or by simple modification to the compiler's prologue and epilogue code.

Original languageEnglish (US)
Title of host publicationProceedings ITCC 2005 - International Conference on Information Technology
Subtitle of host publicationCoding and Computing
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages656-661
Number of pages6
ISBN (Print)0769523153, 9780769523156
DOIs
StatePublished - 2005
EventITCC 2005 - International Conference on Information Technology: Coding and Computing - Las Vegas, NV, United States
Duration: Apr 4 2005Apr 6 2005

Publication series

NameInternational Conference on Information Technology: Coding and Computing, ITCC
Volume1

Other

OtherITCC 2005 - International Conference on Information Technology: Coding and Computing
CountryUnited States
CityLas Vegas, NV
Period4/4/054/6/05

All Science Journal Classification (ASJC) codes

  • Engineering(all)

Fingerprint Dive into the research topics of 'StackOFFence: A technique for defending against buffer overflow attacks'. Together they form a unique fingerprint.

  • Cite this

    Madan, B. B., Phoha, S., & Trivedi, K. S. (2005). StackOFFence: A technique for defending against buffer overflow attacks. In Proceedings ITCC 2005 - International Conference on Information Technology: Coding and Computing (pp. 656-661). (International Conference on Information Technology: Coding and Computing, ITCC; Vol. 1). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/itcc.2005.260