StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks

StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Jonathan Walpole,

StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks   (Citations: 628)
This paper presents a systematic solution to the persistent problem of buffer overflow attacks. Buffer overflow attacks gained notoriety in 1988 as part of the Morris Worm incident on the Internet. While it is fairly simple to fix individual buffer overflow vulnerabilities, buffer overflow attacks continue to this day. Hundreds of attacks have been discovered, and while most of the obvious vulnerabilities have now been patched, more sophisticated buffer overflow attacks continue to emerge. We describe StackGuard: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties. Privileged programs that are recompiled with the StackGuard compiler extension no longer yield control to the attacker, but rather enter a fail-safe state. These programs require no source code changes at all, and are binary-compatible with existing operating systems and libraries. We describe the compiler technique (a simple patch to gcc), as well as a set of variations on the technique that trade-off between penetration resistance and performance. We present experimental results of both the penetration resistance and the performance impact of this technique.
Conference: USENIX Security Symposium, 1998
    • ...Concerning control-flow data, we can consider at a first stage the mechanisms that protect against execution flow diversion through stack overflow, like StackGuard [39] or Propolice/SSP (Stack-Smashing Protection) by using canaries...

    Éric Lacombe et al. Enforcing kernel constraints by hardware-assisted virtualization

    • ...By modifying a single stack location, there is no “collateral damage” (overwrites of compiler-placed sentinel values) that techniques like StackGuard [10] rely on to detect a stack smashing attack...

    Owen S. Hofmann et al. Ensuring operating system kernel integrity with OSck

    • ...These solutions can be categorized in compiler-based solutions [19, 59, 15, 40, 48]; instrumentation-based solutions [37, 16, 1, 2, 29, 55]; and hardware-facilitated solutions [26, 25]...
    • ...However, as we discuss in detail in related work (Section 6), the existing solutions suffer from various shortcomings and practical deficiencies: They either cannot provide complete detection of ROP attacks [16, 29, 37], or require side information such as debugging information [1, 2] or source code [19, 59, 15, 40, 48], which are rarely provided in practice...
    • ...StackGuard [19] places a dummy value, referred to as canary, below the return address on the stack...

    Lucas Davi et al. ROPdefender: a detection tool to defend against return-oriented progra...

    • ...For example, StackGuard [9] may terminate a process after it detects that a return address on the stack has been overwritten...

    Wenhua Wang et al. A combinatorial approach to detecting buffer overflow vulnerabilities

    • ...Other compiler-based methods [16,17,18] are designed to protect control data such as program-defined pointers and the return address by detecting when they have been corrupted so these protections can then terminate the corrupted process, thus preventing the hijacking of the control flow of the process...

    Brent G. Roth et al. Implicit Buffer Overflow Protection Using Memory Segregation
