Secure Bit Enhanced Canary: Hardware Enhanced Buffer-Overflow Protection

Piromsopa, Krerk; Chiamwongpaet, Sirisara

doi:10.1109/npc.2008.49

Cited by 4 publications

(4 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A buffer-overflow attack can be described as an attack in which a buffer is overflowed beyond its bounds into another buffer with an intent to cause malicious behavior in a program [4,29,40].…”

Section: Background: Buffer-overflow Attacksmentioning

confidence: 99%

“…The protection solutions in the table are as follows: Segmentation [25], Integer Analysis to Determine Buffer Overflow [39], STOBO [14], Type-Assisted Buffer Overflow Detection [19], C Range Error Detector (CRED) [32], Jump Pointer [36], Stack-Guard [7], MemGuard [7], PointGuard [6], Smash-Guard [6], Minezone RAD [37], Read-only RAD [37], Efficient Dynamic Taint Analysis Using Multicore Machines [3], HeapDefender [20], Secure Bit [27], and Secure Canary Word [29] [4]. For comparison, we also include our proposed solution, Boundary Bit, in this table.…”

Section: Summary Of Buffer-overflow Attack Typesmentioning

confidence: 99%

“…Secure Bit [27], Canary Bit [33], Secure Canary Word [4,29], and Boundary Bit [5] form a series of related research work with each new project building upon its predecessors. Secure Bit can detect all types, but focuses on only control data, similar to Efficient Dynamic Taint Analysis Using Multicore Machines [3].…”

Section: 1 Comparison Of Protection Coveragementioning

confidence: 99%

See 2 more Smart Citations

Boundary Bit: Architectural Bound Checking for Buffer-Overflow Protection

Chiamwongpaet

Piromsopa

2020

ECTI-CIT

Self Cite

View full text Add to dashboard Cite

We propose Boundary Bit, a new architectural bound-checking approach that detects and prevents buffer-overflow attacks. Boundary Bit extends an architecture by associating a bit to each memory entry. Software can set a (boundary) bit to delimit an object. On each memory access, the hardware will dynamically validate the object's bound using the boundary bit. With minimal hints from the compiler, our architectural design eliminates most (if not all) types of buffer-overflow attacks. These include attacks on non-control data (variables and arguments) and array-indexing errors. We evaluate the performance of Boundary Bit using simulation, and the results show that the majority of performance overheads lies in bit scanning operations. To mitigate performance overheads, we introduce a hardware bitmap to act as a cache. The results from our simulation shows that the hardware bitmap can absorb most overhead from bit scanning, which in the best-case scenario translated to 30 times speed up compared to the version that does not utilize bitmap cache.

show abstract

Section: Background: Buffer-overflow Attacksmentioning

confidence: 99%

Section: Summary Of Buffer-overflow Attack Typesmentioning

confidence: 99%

See 1 more Smart Citation

Boundary Bit: Architectural Bound Checking for Buffer-Overflow Protection

Chiamwongpaet

Piromsopa

2020

ECTI-CIT

Self Cite

View full text Add to dashboard Cite

show abstract

“…In general, hardware-based approaches, such as [7,5,30,17,8,4,30,31], have lower runtime and memory overhead than their software-based counterparts. However, one of the major disadvantage of the majority of hardware-based approaches is that they are difficult to deploy, usually require new hardware, new revision of existing hardware, or even custom hardware.…”

Section: Hardware-based Approachesmentioning

confidence: 99%

Boundwarden: thread-enforced spatial memory safety through compile-time transformations

Dhumbumroong

View full text Add to dashboard Cite

This dissertation presents BoundWarden, a novel runtime spatial memory safety enforcement technique that comprehensively detects and prevents buffer overflow and other out-of-bound errors in buffers on stack, heap, and BSS and data segments of memory. BoundWarden leverages the ubiquity of multi-core processors by offloading most of the works to a dedicated bound checking thread, which performs bound checking and manages metadata, thus reducing the runtime overhead. Since BoundWarden stores base and bound of buffers in a dedicated bound table, the memory layout of programs remains unchanged, thus preserving compatibility with existing libraries and binaries. Experiments showed that the prototype of BoundWarden is effective at enforcing spatial memory safety by successfully detected all 850 attacks of RIPE test suite, and 94% (1,092 out of 1,164 tests) of NIST SARD Test Suite 89, while the results from Olden benchmark showed that on average BoundWarden introduced roughly 2.25x overhead, compared to the uninstrumented code.

show abstract

The implementation of Secure Canary Word for buffer-overflow protection

Chiamwongpaet

Piromsopa

2009

2009 IEEE International Conference on Electro/Information Technology

View full text Add to dashboard Cite

Secure Bit Enhanced Canary: Hardware Enhanced Buffer-Overflow Protection

Cited by 4 publications

References 3 publications

Boundary Bit: Architectural Bound Checking for Buffer-Overflow Protection

Boundary Bit: Architectural Bound Checking for Buffer-Overflow Protection

Boundwarden: thread-enforced spatial memory safety through compile-time transformations

The implementation of Secure Canary Word for buffer-overflow protection

Contact Info

Product

Resources

About