To detect stack buffer overflow with polymorphic canaries
Stack Smashing Protection (SSP) is a simple and highly efficient technique widely used in practice as the front line defense against stack buffer overflow attacks. Unfortunately, SSP is known to be vulnerable to the so-called byte-by-byte attack. Although several remedy schemes are proposed in the r...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2018
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4101 https://ink.library.smu.edu.sg/context/sis_research/article/5104/viewcontent/Stack_Buffer_Polymorphic_Canaries_2018_DSN_afv.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5104 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-51042018-12-27T06:37:44Z To detect stack buffer overflow with polymorphic canaries WANG, Zhilong DING, Xuhua PANG, Chengbin GUO, Jian ZHU, Jun MAO, Bing Stack Smashing Protection (SSP) is a simple and highly efficient technique widely used in practice as the front line defense against stack buffer overflow attacks. Unfortunately, SSP is known to be vulnerable to the so-called byte-by-byte attack. Although several remedy schemes are proposed in the recent literature, their security is achieved at the price of practicality, because their complex logics ruin SSP's simplicity and high-efficiency. In this paper, we present an elegant solution named as Polymorphic SSP (P-SSP) that attains the same security without sacrificing SSP's strengths. We also propose three extensions of the basic scheme for better compatibility, stronger security, and local variable protection, respectively. We have implemented both a compiler plugin and a binary instrumentation tool for deploying P-SSP. Their respective runtime overheads are only 0.24% and 1.01%. We have also experimented with our extensions and compared their pros and cons with the basic scheme. 2018-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4101 info:doi/10.1109/DSN.2018.00035 https://ink.library.smu.edu.sg/context/sis_research/article/5104/viewcontent/Stack_Buffer_Polymorphic_Canaries_2018_DSN_afv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Brute force attack Canary Stack buffer overflow Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Brute force attack Canary Stack buffer overflow Information Security |
| spellingShingle |
Brute force attack Canary Stack buffer overflow Information Security WANG, Zhilong DING, Xuhua PANG, Chengbin GUO, Jian ZHU, Jun MAO, Bing To detect stack buffer overflow with polymorphic canaries |
| description |
Stack Smashing Protection (SSP) is a simple and highly efficient technique widely used in practice as the front line defense against stack buffer overflow attacks. Unfortunately, SSP is known to be vulnerable to the so-called byte-by-byte attack. Although several remedy schemes are proposed in the recent literature, their security is achieved at the price of practicality, because their complex logics ruin SSP's simplicity and high-efficiency. In this paper, we present an elegant solution named as Polymorphic SSP (P-SSP) that attains the same security without sacrificing SSP's strengths. We also propose three extensions of the basic scheme for better compatibility, stronger security, and local variable protection, respectively. We have implemented both a compiler plugin and a binary instrumentation tool for deploying P-SSP. Their respective runtime overheads are only 0.24% and 1.01%. We have also experimented with our extensions and compared their pros and cons with the basic scheme. |
| format |
text |
| author |
WANG, Zhilong DING, Xuhua PANG, Chengbin GUO, Jian ZHU, Jun MAO, Bing |
| author_facet |
WANG, Zhilong DING, Xuhua PANG, Chengbin GUO, Jian ZHU, Jun MAO, Bing |
| author_sort |
WANG, Zhilong |
| title |
To detect stack buffer overflow with polymorphic canaries |
| title_short |
To detect stack buffer overflow with polymorphic canaries |
| title_full |
To detect stack buffer overflow with polymorphic canaries |
| title_fullStr |
To detect stack buffer overflow with polymorphic canaries |
| title_full_unstemmed |
To detect stack buffer overflow with polymorphic canaries |
| title_sort |
to detect stack buffer overflow with polymorphic canaries |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2018 |
| url |
https://ink.library.smu.edu.sg/sis_research/4101 https://ink.library.smu.edu.sg/context/sis_research/article/5104/viewcontent/Stack_Buffer_Polymorphic_Canaries_2018_DSN_afv.pdf |
| _version_ |
1770574309325012992 |