Variable Record Table: A Run-time Solution for Mitigating Buffer Overflow Attack

We present a novel approach to mitigate buffer overflow attack using Variable Record Table (VRT). Dedicated memory space is used to automatically record base and bound information of variables extracted during runtime. We instrument frame pointer and function(s) related registers to decode variable...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Conference proceedings : Midwest Symposium on Circuits and Systems s. 239 - 242
Hlavní autoři: Sah, Love Kumar, Ariful Islam, Sheikh, Katkoori, Srinivas
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.08.2019
Témata:
Aerospace electronics
Arrays
Benchmark testing
Libraries
Pipelines
Registers
Runtime
ISSN:1558-3899
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:We present a novel approach to mitigate buffer overflow attack using Variable Record Table (VRT). Dedicated memory space is used to automatically record base and bound information of variables extracted during runtime. We instrument frame pointer and function(s) related registers to decode variable memory space in stack and heap. We have modified Simplescalar/PISA simulator to extract variables space of six (6) benchmark suites from MiBench. We have tested 290 small C programs (MIT corpus suite) having 22 different buffer overflow vulnerabilities in stack and heap. Experimental results show that our approach can detect buffer overflow attack with zero instruction overhead with the memory space requirement up to 13Kb to maintain VRT for a program with 324 variables.
ISSN:1558-3899
DOI:10.1109/MWSCAS.2019.8884869