SafeStack+: Enhanced dual stack to combat data-flow hijacking
SafeStack, initially proposed as a key component of Code Pointer Integrity (CPI), separates the program stack into two distinct regions to provide a safe region for sensitive code pointers. SafeStack can prevent buffer overflow attacks that overwrite sensitive code pointers, e.g., return addresses,...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2017
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3746 https://ink.library.smu.edu.sg/context/sis_research/article/4748/viewcontent/101007_2F978_3_319_59870_3_6.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4748 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-47482018-03-02T07:19:14Z SafeStack+: Enhanced dual stack to combat data-flow hijacking LIN, Yan TANG, Xiaoxiao GAO, Debin SafeStack, initially proposed as a key component of Code Pointer Integrity (CPI), separates the program stack into two distinct regions to provide a safe region for sensitive code pointers. SafeStack can prevent buffer overflow attacks that overwrite sensitive code pointers, e.g., return addresses, to hijack control flow of the program, and has been incorporated into the Clang project of LLVM as a C-based language front-end. In this paper, we propose and implement SafeStack+, an enhanced dual stack LLVM plug-in that further protects programs from data-flow hijacking. SafeStack+ locates data flow sensitive variables on the unsafe stack that could potentially affect evaluation of branching conditions, and adds canaries of random sizes and values to them to detect malicious overwriting. We implement SafeStack+ as a plug-in on LLVM 3.8 and perform extensive experiments to justify a lazy checking mechanism that adds on average 3.0% of runtime and 5.3% of memory overhead on top of SafeStack on SPEC CPU2006 benchmark programs. Our security analysis confirms that SafeStack+ is effective in detecting data-flow hijacking attacks. 2017-01-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3746 info:doi/10.1007/978-3-319-59870-3_6 https://ink.library.smu.edu.sg/context/sis_research/article/4748/viewcontent/101007_2F978_3_319_59870_3_6.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Buffer overflow Data flow Control flow Databases and Information Systems Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Buffer overflow Data flow Control flow Databases and Information Systems Information Security |
| spellingShingle |
Buffer overflow Data flow Control flow Databases and Information Systems Information Security LIN, Yan TANG, Xiaoxiao GAO, Debin SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| description |
SafeStack, initially proposed as a key component of Code Pointer Integrity (CPI), separates the program stack into two distinct regions to provide a safe region for sensitive code pointers. SafeStack can prevent buffer overflow attacks that overwrite sensitive code pointers, e.g., return addresses, to hijack control flow of the program, and has been incorporated into the Clang project of LLVM as a C-based language front-end. In this paper, we propose and implement SafeStack+, an enhanced dual stack LLVM plug-in that further protects programs from data-flow hijacking. SafeStack+ locates data flow sensitive variables on the unsafe stack that could potentially affect evaluation of branching conditions, and adds canaries of random sizes and values to them to detect malicious overwriting. We implement SafeStack+ as a plug-in on LLVM 3.8 and perform extensive experiments to justify a lazy checking mechanism that adds on average 3.0% of runtime and 5.3% of memory overhead on top of SafeStack on SPEC CPU2006 benchmark programs. Our security analysis confirms that SafeStack+ is effective in detecting data-flow hijacking attacks. |
| format |
text |
| author |
LIN, Yan TANG, Xiaoxiao GAO, Debin |
| author_facet |
LIN, Yan TANG, Xiaoxiao GAO, Debin |
| author_sort |
LIN, Yan |
| title |
SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| title_short |
SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| title_full |
SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| title_fullStr |
SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| title_full_unstemmed |
SafeStack+: Enhanced dual stack to combat data-flow hijacking |
| title_sort |
safestack+: enhanced dual stack to combat data-flow hijacking |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2017 |
| url |
https://ink.library.smu.edu.sg/sis_research/3746 https://ink.library.smu.edu.sg/context/sis_research/article/4748/viewcontent/101007_2F978_3_319_59870_3_6.pdf |
| _version_ |
1770573709625524224 |