Code Pointer Protection From Buffer Overflow Through Targeted Hardware Encryption

Nathan Tuck, Brad Calder and George Varghese
CS2003-0774
December 1, 2003

Buffer overflow vulnerabilities are the most prevalent security vulnerabilities; they are responsible for over half of the CERT advisories issued in the last few years. Since many attacks exploit the buffer overflow vulnerability, techniques to prevent buffer overflow attacks would greatly increase the difficulty of writing a new worm. We prevent buffer overflows using hardware methods to guard unmodified binaries using automatic encryption of return addresses. In addition, we use the same encryption hardware to provide efficient security for general function pointer protection for modified binaries. Our solution provides security even when there is potential for a read buffer attack, where an attacker is attempting to learn the key in order to mount a write buffer attack.


The authors of these documents have submitted their reports to this technical report series for the purpose of non-commercial dissemination of scientific work. The reports are copyrighted by the authors, and their existence in electronic format does not imply that the authors have relinquished any rights. You may copy a report for scholarly, non-commercial purposes, such as research or instruction, provided that you agree to respect the author's copyright. For information concerning the use of this document for other than research or instructional purposes, contact the authors. Other information concerning this technical report series can be obtained from the Computer Science and Engineering Department at the University of California at San Diego, techreports@cs.ucsd.edu.

