BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks
Summary :
Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.
- Publication
- IEICE TRANSACTIONS on Information Vol.E99-D No.8 pp.2002-2009
- Publication Date
- 2016/08/01
- Publicized
- 2016/05/31
- Online ISSN
- 1745-1361
- DOI
- 10.1587/transinf.2015INP0003
- Type of Manuscript
- Special Section PAPER (Special Section on Security, Privacy and Anonymity of Internet of Things)
- Category
Authors
Jinli RAO
Huazhong University of Science and Technology
Zhangqing HE
Huazhong University of Science and Technology
Shu XU
Beijing
Kui DAI
Peking University
Xuecheng ZOU
Huazhong University of Science and Technology
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Jinli RAO, Zhangqing HE, Shu XU, Kui DAI, Xuecheng ZOU, "BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks" in IEICE TRANSACTIONS on Information,
vol. E99-D, no. 8, pp. 2002-2009, August 2016, doi: 10.1587/transinf.2015INP0003.
Abstract: Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2015INP0003/_p
Copy
@ARTICLE{e99-d_8_2002,
author={Jinli RAO, Zhangqing HE, Shu XU, Kui DAI, Xuecheng ZOU, },
journal={IEICE TRANSACTIONS on Information},
title={BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks},
year={2016},
volume={E99-D},
number={8},
pages={2002-2009},
abstract={Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.},
keywords={},
doi={10.1587/transinf.2015INP0003},
ISSN={1745-1361},
month={August},}
Copy
TY - JOUR
TI - BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks
T2 - IEICE TRANSACTIONS on Information
SP - 2002
EP - 2009
AU - Jinli RAO
AU - Zhangqing HE
AU - Shu XU
AU - Kui DAI
AU - Xuecheng ZOU
PY - 2016
DO - 10.1587/transinf.2015INP0003
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E99-D
IS - 8
JA - IEICE TRANSACTIONS on Information
Y1 - August 2016
AB - Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.
ER -
English
