Buffer overflow attack mitigation via Trusted Platform Module (TPM)
As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IKRAM Education
2014
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf http://psasir.upm.edu.my/id/eprint/51814/ http://iukl.edu.my/iukl-research-journal/archives/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Putra Malaysia |
| Language: | English |
| id |
my.upm.eprints.51814 |
|---|---|
| record_format |
eprints |
| spelling |
my.upm.eprints.518142017-05-02T04:39:21Z http://psasir.upm.edu.my/id/eprint/51814/ Buffer overflow attack mitigation via Trusted Platform Module (TPM) Teh, Jia Yew Samsudin, Khairulmizam Udzir, Nur Izura Hashim, Shaiful Jahari As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions, especially in key exchange protocols deemed to be an integral part of cryptographic solutions. In this paper we propose the use of TPM's Platform Configuration Register (PCR) in the detection and prevention of stack based buffer overflow attacks. Detection is achieved via the integrity validation (of SHA1 hashses) of both return address and call instruction opcodes. Prevention is achieved via encrypting the memory location addresses of both the return and call instruction above using RSA encryption. An exception is raised should integrity violations occur. Based on effectiveness tests conducted, our proposed solution has successfully detected 6 major variants of buffer overflow attacks attempted in conventional application codes, while incurring overheads that pose no major obstacles in the normal, continued operation of conventional application codes. IKRAM Education 2014 Article PeerReviewed application/pdf en http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf Teh, Jia Yew and Samsudin, Khairulmizam and Udzir, Nur Izura and Hashim, Shaiful Jahari (2014) Buffer overflow attack mitigation via Trusted Platform Module (TPM). Infrastructure University Kuala Lumpur Research Journal, 2 (1). pp. 73-84. ISSN 2289-4144 http://iukl.edu.my/iukl-research-journal/archives/ |
| institution |
Universiti Putra Malaysia |
| building |
UPM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Putra Malaysia |
| content_source |
UPM Institutional Repository |
| url_provider |
http://psasir.upm.edu.my/ |
| language |
English |
| description |
As of the date of writing of this paper, we found no effort whatsoever in the employment of Trusted Computing (TC)'s Trusted Platform Module (TPM) security features in Buffer Overflow Attack (BOA) mitigation. Such is despite the extensive application of TPM in providing security based solutions, especially in key exchange protocols deemed to be an integral part of cryptographic solutions. In this paper we propose the use of TPM's Platform Configuration Register (PCR) in the detection and prevention of stack based buffer overflow attacks. Detection is achieved via the integrity validation (of SHA1 hashses) of both return address and call instruction opcodes. Prevention is achieved via encrypting the memory location addresses of both the return and call instruction above using RSA encryption. An exception is raised should integrity violations occur. Based on effectiveness tests conducted, our proposed solution has successfully detected 6 major variants of buffer overflow attacks attempted in conventional application codes, while incurring overheads that pose no major obstacles in the normal, continued operation of conventional application codes. |
| format |
Article |
| author |
Teh, Jia Yew Samsudin, Khairulmizam Udzir, Nur Izura Hashim, Shaiful Jahari |
| spellingShingle |
Teh, Jia Yew Samsudin, Khairulmizam Udzir, Nur Izura Hashim, Shaiful Jahari Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| author_facet |
Teh, Jia Yew Samsudin, Khairulmizam Udzir, Nur Izura Hashim, Shaiful Jahari |
| author_sort |
Teh, Jia Yew |
| title |
Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| title_short |
Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| title_full |
Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| title_fullStr |
Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| title_full_unstemmed |
Buffer overflow attack mitigation via Trusted Platform Module (TPM) |
| title_sort |
buffer overflow attack mitigation via trusted platform module (tpm) |
| publisher |
IKRAM Education |
| publishDate |
2014 |
| url |
http://psasir.upm.edu.my/id/eprint/51814/1/Buffer%20overflow%20attack%20mitigation%20via%20Trusted%20Platform%20Module%20%28TPM%29.pdf http://psasir.upm.edu.my/id/eprint/51814/ http://iukl.edu.my/iukl-research-journal/archives/ |
| _version_ |
1643835063511547904 |