Separated Control and Data Stacks to Mitigate Buffer Overflow Exploits
Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the development on new defense strategies against stack-based buffer overflows has not yet come to an end. In this article, we present a novel compiler-level protection called SCADS: Separated Control and Data S...
Main Authors: | Christopher Kugler, Tilo Müller |
---|---|
Format: | Article |
Language: | English |
Published: | European Alliance for Innovation (EAI) 2015-10-01 |
Series: | EAI Endorsed Transactions on Security and Safety |
Subjects: | Stack-based Buffer Overflows, LLVM, Separate Control Stack |
Online Access: | http://eudl.eu/doi/10.4108/eai.5-10-2015.150477 |
_version_ | 1819079436933267456 |
---|---|
author | Christopher Kugler Tilo Müller |
collection | DOAJ |
description | Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the development on new defense strategies against stack-based buffer overflows has not yet come to an end. In this article, we present a novel compiler-level protection called SCADS: Separated Control and Data Stacks that protects return addresses and saved frame pointers on a separate stack, called the control stack. In common computer programs, a single user mode stack is used to store control information next to data buffers. By separating control information from the data stack, we can protect sensitive pointers of a program’s control flow from being overwritten by buffer overflows. To substantiate the practicability of our approach, we provide SCADS as an open source patch for the LLVM compiler infrastructure. Focusing on Linux and FreeBSD running on the AMD64 architecture, we show compatibility, security and performance results. As we make control flow information simply unreachable for buffer overflows, many exploits are stopped at an early stage of progression with only negligible performance overhead. |
first_indexed | 2024-12-21T19:28:58Z |
format | Article |
id | doaj.art-a072ebdbb0d34d55b970b34add7b43a9 |
institution | Directory Open Access Journal |
issn | 2032-9393 |
language | English |
last_indexed | 2024-12-21T19:28:58Z |
publishDate | 2015-10-01 |
publisher | European Alliance for Innovation (EAI) |
record_format | Article |
series | EAI Endorsed Transactions on Security and Safety |
spelling | Christopher Kugler (Department of Computer Science, Friedrich-Alexander-University of Erlangen-Nuremberg, Germany); Tilo Müller (Department of Computer Science, Friedrich-Alexander-University of Erlangen-Nuremberg, Germany; timuller@cs.fau.de) |
title | Separated Control and Data Stacks to Mitigate Buffer Overflow Exploits |
topic | Stack-based Buffer Overflows LLVM Separate Control Stack |
url | http://eudl.eu/doi/10.4108/eai.5-10-2015.150477 |