Abstract

Vulnerabilities in many software systems can be exploited by attackers to cause serious damage to users. One such attack that has become widespread in the last decade is the buffer overflow attack. If successful, the attacker can execute arbitrary code with the same access privileges as the attacked process. Thus, if the attacked process is a root process, the attackers can execute any kind of code they want, thereby causing a security breach in the system. In this paper, we propose a new solution to buffer overflow attacks that protects return addresses from being overwritten. Our solution works with string library functions, such as strcpy(), by preventing access to memory locations beyond the frame pointer of a function, and thus prevents the return address from being overwritten. Unlike other approaches that have been used to solve the buffer overflow attack, our solution can detect and fix buffer overflow vulnerabilities in executables (i.e., the .exe or binary files). In other words, our solution does not require the program source code, which may not be available for many applications, and does not require any hardware modifications, which can be expensive. Therefore, we developed a tool that can be used to convert a vulnerable program to a safe version that is protected against buffer overflow attacks.
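The frame-pointer bound described in the abstract can be sketched at source level in C; this is an added example, not the paper's tool, which operates on binaries. The names `fp_checked_strcpy`, `FP_STRCPY` and `fake_frame` are hypothetical, and the sketch assumes a downward-growing stack and the GCC/Clang builtin `__builtin_frame_address`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the paper's tool. frame_limit stands for the frame
 * pointer of the function that owns dest; on a downward-growing stack the
 * saved frame pointer and return address sit at and above it.
 * Returns 0 after copying, -1 if the copy would reach frame_limit. */
int fp_checked_strcpy(char *dest, const char *src, const void *frame_limit)
{
    uintptr_t start = (uintptr_t)dest;
    uintptr_t limit = (uintptr_t)frame_limit;
    size_t need = strlen(src) + 1;            /* include the NUL */

    /* A dest at or above the limit is not a local of that frame; this
     * sketch leaves such copies unchecked. */
    if (start < limit && need > limit - start)
        return -1;
    memcpy(dest, src, need);
    return 0;
}

/* Call-site form using the GCC/Clang builtin for the current frame. */
#define FP_STRCPY(dest, src) \
    fp_checked_strcpy((dest), (src), __builtin_frame_address(0))

/* Constructed stand-in for a frame: 16 bytes of locals, then 8 bytes
 * playing the saved frame pointer / return address. */
struct fake_frame { char locals[16]; unsigned char saved[8]; };

/* Returns 1 if the bytes above the simulated frame pointer are untouched. */
int saved_area_intact(const struct fake_frame *f)
{
    for (size_t i = 0; i < sizeof f->saved; i++)
        if (f->saved[i] != 0xAA) return 0;
    return 1;
}

int main(void)
{
    char buf[16];
    struct fake_frame f;
    memset(&f, 0xAA, sizeof f);
    printf("real frame, short copy: %d\n", FP_STRCPY(buf, "short"));
    printf("fits exactly: %d\n", fp_checked_strcpy(f.locals, "0123456789abcde", f.saved));
    printf("one byte too long: %d\n", fp_checked_strcpy(f.locals, "0123456789abcdef", f.saved));
    printf("saved area intact: %d\n", saved_area_intact(&f));
    return 0;
}
```

The bound protects the saved frame pointer and return address only; a copy that stays below the frame pointer can still overwrite neighbouring locals in the same frame.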
