HardStack: Prevent Stack Buffer Overflow Attack with LBR
Stack buffer overflow attack can temper with software control flow by continuously injecting data into stack and overwriting function return address. In this paper, we propose a new method to solve buffer overflow attack with the support of Intel LBR, which we call it HardStack. Usually, the functio...
Saved in:
| Published in: | 2019 International Conference on Intelligent Computing, Automation and Systems (ICICAS) pp. 888 - 892 |
|---|---|
| Main Authors: | , , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
01.12.2019
|
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Stack buffer overflow attack can temper with software control flow by continuously injecting data into stack and overwriting function return address. In this paper, we propose a new method to solve buffer overflow attack with the support of Intel LBR, which we call it HardStack. Usually, the function return address is stored in the stack, and it is easy to be overwritten. In our opinion, HardStack changes this situation. In HardStack, the return address is calculated on hardware information and software information together. In this way, even if the attacker tampers with the data in the stack, he fail to hijack the software control flow without modifying on LBR. Our discussion show that HardStack increases the delay by thousands of times in a certain call, but which has no obvious effect on the running of the software. |
|---|---|
| DOI: | 10.1109/ICICAS48597.2019.00191 |