A software approach for stack memory protection based on duplication and randomisation
Online publication date: Fri, 17-Mar-2017
by Sahel Alouneh; Mazen Kharbutli; Rana AlQurem
International Journal of Internet Technology and Secured Transactions (IJITST), Vol. 6, No. 4, 2016
Abstract: With software systems continuously growing in size and complexity, the number and variety of security vulnerabilities in those systems are increasing at an alarming rate. Unfortunately, all previously proposed solutions that deal with this problem suffer from shortcomings, highlighting the need for further research in this vital area. In this paper, a software-based solution for stack-based vulnerabilities and attacks is proposed, implemented, and tested. The basic idea of our approach is to implement a patch tool that makes multiple copies of the return addresses in the stack, and then randomises the location of all copies in addition to their number. All duplicate copies are updated and checked in parallel such that any mismatch between any of these copies would indicate a possible attack attempt and would trigger an exception. The results of our implementation show high protection against integer overflow and buffer overflow attacks.