Academic
Publications
Implicit Buffer Overflow Protection Using Memory Segregation

Implicit Buffer Overflow Protection Using Memory Segregation,10.1109/ARES.2011.32,Brent G. Roth,Eugene H. Spafford

Implicit Buffer Overflow Protection Using Memory Segregation  
BibTex | RIS | RefWorks Download
Computing systems continue to be plagued by ma- licious corruption of instructions and data. Buffer overflows, in particular, are often employed to disrupt the control flow of vulnerable processes. Existing methods of protection against these attacks operate by detecting corruption after it has taken place or by ensuring that if corruption has taken place, it cannot be used to hijack a process' control flow. These methods thus still allow the corruption of control data to occur but, rather than being subverted, the process may terminate or take some other defined error. Few methods have attempted to prevent the corruption of control data, and those that have only focused on preventing the corruption of the return address. We propose the use of multiple memory segments to support multiple stacks, heaps, .bss, and .data sections per process with the goal of segregating control and non-control data. By segregating these different forms of data, we can prevent the corruption of control data by overflow and address manipulation of memory allocated for non-control data. We show that the creation of these additional data segments per process can be implemented through modifications to the compiler. Index Terms—buffer overflow, memory segregation, memory segmentation, memory protection, multiple stacks, multiple heaps
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.