RS-Stack: Defense against Stack Buffer Overflow Attack with Random Shadow Stack
| Published in: | 2022 IEEE 2nd International Conference on Data Science and Computer Application (ICDSCA) pp. 1432 - 1436 |
|---|---|
| Main authors: | , , , , , |
| Format: | Conference paper |
| Language: | English |
| Publication details: | IEEE, 28.10.2022 |
| Summary: | Shadow stack is a method to prevent stack buffer overflow attack. However, in the existing shadow stack solutions, it is often supposed that the shadow stack is safe, but the reality is not always the case. To overcome it, this paper presents a stack buffer overflow attack defense method based on dynamic shadow stack, which is called RS-Stack. The outstanding advantage of RS-Stack is that the shadow stack address is random, and it is difficult for attackers to locate the shadow stack. In order to further improve the security, RS-Stack separates the shadow stack address for protection, which makes it difficult for attackers to destroy the contents of the shadow stack. RS-Stack provides double protection for shadow stack. We have partly implemented RS-Stack, and the experiment shows that the shadow stack address splitting protection introduces heavy performance overhead. In order not to affect the performance too much, the address split protection is optional, and this mechanism is only used in the environment with high security requirements. |
|---|---|
| DOI: | 10.1109/ICDSCA56264.2022.9988252 |