TY - GEN
T1 - Encoding function pointers and memory arrangement checking against buffer overflow attack
AU - Pyo, Changwoo
AU - Lee, Gyungho
N1 - Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2002.
PY - 2002
Y1 - 2002
N2 - Program counter is the only mechanism for processor to access instruction to execute. Protecting program counter is the fundamental defense for securing computer system. This paper presents a scheme of protecting program counter by encoding function pointers. In the scheme, every function address is encoded by linker. Compiler inserts instructions for decoding function addresses before call instruction. Encoding code pointers, function addresses as well as return addresses in stack frame, provides substantial coverage of protecting program counter. Several suggestions are also made to detect compromised code pointers at run-time without memory space for sensor mechanism. A demo Linux system has been under construction with the proposed scheme. Experimental data shows performance slowdown less than 10% when all return addresses and function addresses are encoded. With a Pentium III processor of 866MHz, the overhead for each function call is on the order of nanoseconds. We plan to migrate parts of our code pointer encoding scheme from linker to dynamic linker, which should improve security and performance.
KW - Buffer overflow attack
KW - Function pointer encoding
KW - Memory arrangement checking
KW - Program counter
UR - http://www.scopus.com/inward/record.url?scp=84944034531&partnerID=8YFLogxK
U2 - 10.1007/3-540-36159-6_3
DO - 10.1007/3-540-36159-6_3
M3 - Conference contribution
AN - SCOPUS:84944034531
SN - 3540001646
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 25
EP - 36
BT - Information and Communications Security - 4th International Conference, ICICS 2002, Proceedings
A2 - Deng, Robert
A2 - Bao, Feng
A2 - Zhou, Jianying
A2 - Qing, Sihan
PB - Springer Verlag
T2 - 4th International Conference on Information and Communications Security, ICICS 2002
Y2 - 9 December 2002 through 12 December 2002
ER -