Abstract
Software vulnerabilities that enable the injection and execution of malicious code in pervasive Internet-connected computing devices pose serious threats to cyber security. In a common type of attack, a hostile party induces a software buffer overflow in a susceptible computing device in order to corrupt a procedure return address and transfer control to malicious code. These buffer overflow attacks are often employed to recruit oblivious hosts into distributed denial of service (DDoS) attack networks, which ultimately launch devastating DDoS attacks against victim networks or machines. In spite of existing software countermeasures that seek to prevent buffer overflow exploits, many systems remain vulnerable.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This work was supported in part by the NSF under grants CCR-0208946 and CCR-0105677 and in part by a research gift from Hewlett-Packard.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Baratloo, A., Singh, N., Tsai, T.: Transparent Run-time Defense against Stack Smashing Attacks. In: Proc. of the 9th USENIX Security Symposium (June 2000)
Bypassing StackGuard and StackShield. Phrack Magazine 10(56) (May 2000)
Burger, D., Austin, T.M.: The SimpleScalar Tool Set, Version 2.0. University of Wisconsin-Madison Computer Sciences Department Technical Report (1342) (June 1997)
CERT Coordination Center (November 2001), http://www.cert.org/
Compaq Computer Corporation, Alpha 21164 Microprocessor (.28μm): Hardware Reference Manual (December 1998)
Compaq Computer Corporation, Alpha 21264 Microprocessor Hardware Reference Manual (July 1999)
Cormie, D.: The ARM11 Microarchitecture (April 2002), available at http://www.arm.com/support/WhitePapers/
Cowan, C., Pu, C., Maier, D., Hinton, H., Walpole, J., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In: Proceedings of the 7th USENIX Security Symposium (January 1998)
Frantzen, M., Shuey, M.: StackGhost: Hardware Facilitated Stack Protection. In: Proceedings of the 10th USENIX Security Symposium (August. 2001)
Hornof, L., Jim, T.: Certifying Compilation and Run-time Code Generation. In: Proceedings of the ACM Conference on Partial Evaluation and Semantics-Based Program Manipulation (January 1999)
Houle, K.J., Weaver, G.M., Long, N., Thomas, R.: Trends in Denial of Service Attack Technology. CERT Coordination Center (October 2001)
Intel Corporation, The IA-32 Intel Architecture Software Developer’s Manual, vol. 2: Instruction Set Reference, Intel Corporation (2001)
Kaeli, D.R., Emma, P.G.: Branch History Table Prediction of Moving Target Branches Due to Subroutine Returns. In: Proceedings of the 18th International Symposium on Computer Architecture, May 1991, pp. 34-41 (1991)
Karger, P.A., Schell, R.R.: Thirty Years Later: Lessons from the Multics Security Evaluation. In: Proceedings of the 2002 Annual Computer Security Applications Conference, December 2002, pp. 119-126 (2002)
Kargl, F., Maier, J., Weber, M.: Protecting Web Servers from Distributed Denial of Service Attacks. In: Proceedings of the Tenth International Conference on World Wide Web, April 2001, pp. 514-525 (2001)
Karig, D., Lee, R.B.: Remote Denial of Service Attacks and Countermeasures. Princeton University Department of Electrical Engineering Technical Report CEL2001-002 (October 2001)
klog: The Frame Pointer Overwrite. Phrack Magazine 9(55) (September 1999)
Lee, R.B.: Precision Architecture. IEEE Computer 22(1), 78–91 (1989)
McCarthy, J.: Take Two Aspirin, and Patch That System – Now. SecurityWatch, August 31 (2001)
The SANS Institute, The SANS/FBI Twenty Most Critical Internet Security Vulnerabilities (October 2002), http://www.sans.org/top20/
The Standard Performance Evaluation Corporation (November 2001), http://www.spec.org/
Viega, J., Bloch, J.T., Kohno, T., McGraw, G.: ITS4: A Static Vulnerability Scanner for C and C++ Code. In: Proceedings of the 2000 Annual Computer Security Applications Conference (December 2000)
Wagner, D., Dean, D.: Intrusion Detection via Static Analysis. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 156-169 (2001)
Wagner, D., Foster, J.S., Brewer, E.A., Aiken, A.: A First Step towards Automated Detection of Buffer Overrun Vulnerabilities. In: Network and Distributed System Security Symposium (February 2000)
Webb, C.F.: Subroutine Call/Return Stack. IBM Technical Disclosure Bulletin 30(11) (April 1988)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, R.B., Karig, D.K., McGregor, J.P., Shi, Z. (2004). Enlisting Hardware Architecture to Thwart Malicious Code Injection. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds) Security in Pervasive Computing. Lecture Notes in Computer Science, vol 2802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39881-3_21
Download citation
DOI: https://doi.org/10.1007/978-3-540-39881-3_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20887-7
Online ISBN: 978-3-540-39881-3
eBook Packages: Springer Book Archive