Protection against Buffer Overflow Attacks through Runtime Memory Layout Randomization

Abstract: To date a number of comprehensive techniques have been proposed to defend against buffer over attacks. In spite of continuing research in this area, security vulnerabilities in software continue to be discovered and exploited. This is because the existing protection techniques suffer from one or more of the following problems: high run time overheads (often exceeding 100%), incompatibility with legacy C and C++ code, not sufficiently fine grained randomization of memory layout and the inability to perform rand… Show more

“…Unfortunately, it is not always possible to implement these techniques correctly. For example, ASLR [15][16][17] is only partially implemented, i.e., not all memory areas are randomized, including Android version 4.0 [18] and earlier, or are randomized only at system boot, as it happens with Mac OS and all versions of Android OS. With respect to SSP, one of the main problems (even in systems where it is correctly implemented) is byte-by-byte [19] attack, explained later.…”

SSPFA: effective stack smashing protection for Android OS

“…Unfortunately, it is not always possible to implement these techniques correctly. For example, ASLR [15][16][17] is only partially implemented, i.e., not all memory areas are randomized, including Android version 4.0 [18] and earlier, or are randomized only at system boot, as it happens with Mac OS and all versions of Android OS. With respect to SSP, one of the main problems (even in systems where it is correctly implemented) is byte-by-byte [19] attack, explained later.…”

SSPFA: effective stack smashing protection for Android OS

Design of experimental test bed to evaluate effectiveness of software protection mechanisms against buffer overflow attacks through emulation