Hardware/software optimization for array & pointer boundary checking against buffer overflow attacks
Malicious intrusions by buffer overflow attacks cause serious security problems and pose serious threats for networks and distributed systems such as clusters, Grids and P2P systems. Array & pointer boundary checking is one of the most effective approaches for defending against buffer overflow a...
Saved in:
| Published in: | Journal of parallel and distributed computing Vol. 66; no. 9; pp. 1129 - 1136 |
|---|---|
| Main Authors: | , , , , |
| Format: | Journal Article |
| Language: | English |
| Published: |
Elsevier Inc
01.09.2006
|
| Subjects: | |
| ISSN: | 0743-7315, 1096-0848 |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Malicious intrusions by buffer overflow attacks cause serious security problems and pose serious threats for networks and distributed systems such as clusters, Grids and P2P systems. Array & pointer boundary checking is one of the most effective approaches for defending against buffer overflow attacks. However, a big performance overhead may occur after boundary checking is applied. Typically, it may cause 2–5 times slowdown [T.M. Austin, E.B. Scott, S.S. Gurindar, Efficient detection of all pointer and array access errors, in: Proceedings of the ACM SIGPLAN ’94 Conference on Programming Language Design and Implementation, 1994, pp. 290–301; R.W.M. Jones, P.H.J. Kelly, Backwards-compatible bounds checking for arrays and pointers in c programs, in: The Third International Workshop on Automated and Algorithmic Debugging, 1997, pp. 13–26]. In this paper, we propose a hardware/software method to optimize the performance of array & pointer boundary checking by designing a special boundary checking instruction. The experimental results show that our method can effectively reduce the overhead of array & pointer boundary checking. |
|---|---|
| ISSN: | 0743-7315 1096-0848 |
| DOI: | 10.1016/j.jpdc.2006.04.010 |