Abstract

Buffer overflow attacks are serious security threats to modern computer systems. Prior defenses against buffer overflow attacks may require users to patch source code, rebuild programs, modify the operating system, or augment the hardware architecture, and thus often result in performance degradation or restricted applicability. This paper proposes to protect a system from buffer overflow attacks with a mechanism based on dynamic binary translation. Our mechanism is capable of recovering corrupted data structures on the stack at runtime by dynamically inserting code to guard the return address and stack frame pointer, without modification of the source code. We have implemented two tools on top of the dynamic binary translation tools Pin and QEMU. Experimental results showed that both tools accurately detected buffer overflow attacks in our benchmark programs. With our QEMU-based tool, the performance degradation ranged from 11.2% to 41% for realistic applications, which was 11 times less than a compiler-based solution such as Read-Only RAR. The performance of our mechanism and its applicability on various platforms make it an effective and viable solution for end users.
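
A simplified model of the guard-and-recover idea described above, added here as an illustration and not taken from the paper's Pin or QEMU tools. The simulated stack, its frame layout, and the names `guarded_call`, `guarded_return` and `demo` are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#define STACK_WORDS  64
#define SHADOW_DEPTH 16
static uint64_t guest_stack[STACK_WORDS];  /* simulated guest stack, grows down */
static int sp = STACK_WORDS;               /* index of the current stack top */
/* Translator-private copies, kept outside guest-writable memory (assumption). */
struct guard { int ret_slot; uint64_t ret, fp; };
static struct guard shadow[SHADOW_DEPTH];
static int depth = 0;

/* Inserted at function entry: build the frame and record both guarded words.
   Returns the index of the local buffer, or -1 if there is no room. */
int guarded_call(uint64_t ret, uint64_t caller_fp, int local_words) {
    if (depth == SHADOW_DEPTH || local_words < 0 || sp - 2 - local_words < 0) return -1;
    guest_stack[--sp] = ret;               /* return address, highest slot */
    shadow[depth++] = (struct guard){ sp, ret, caller_fp };
    guest_stack[--sp] = caller_fp;         /* saved frame pointer below it */
    sp -= local_words;                     /* locals sit below both */
    return sp;
}

/* Inserted before the return: compare, restore on mismatch, pop the frame.
   Returns 1 if corruption was detected and repaired, 0 if clean, -1 on error. */
int guarded_return(uint64_t *ret_out, uint64_t *fp_out) {
    if (depth == 0) return -1;
    struct guard g = shadow[--depth];
    int corrupted = guest_stack[g.ret_slot] != g.ret ||
                    guest_stack[g.ret_slot - 1] != g.fp;
    *ret_out = guest_stack[g.ret_slot] = g.ret;      /* recover both words */
    *fp_out = guest_stack[g.ret_slot - 1] = g.fp;
    sp = g.ret_slot + 1;
    return corrupted;
}

/* Constructed scenario: an unchecked copy of n words into a cap-word buffer. */
int demo(int cap, int n, uint64_t *ret_out, uint64_t *fp_out) {
    sp = STACK_WORDS; depth = 0;
    int buf = guarded_call(0x401000, 0x7ffd0000, cap);
    if (buf < 0 || n < 0 || buf + n > STACK_WORDS) return -1;
    for (int i = 0; i < n; i++) guest_stack[buf + i] = 0x4141414141414141ULL;
    return guarded_return(ret_out, fp_out);
}

int main(void) {
    uint64_t r, f; int hit = demo(4, 6, &r, &f);
    printf("detected=%d ret=%#llx fp=%#llx\n", hit, (unsigned long long)r, (unsigned long long)f);
    return 0;
}
```

In this model, detection and recovery share one step: the words the epilogue check returns always come from the private copy, so an overwritten frame is repaired before control transfers.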
