Enlisting Hardware Architecture to Thwart Malicious Code Injection

Software vulnerabilities that enable the injection and execution of malicious code in pervasive Internet-connected computing devices pose serious threats to cyber security. In a common type of attack, a hostile party induces a software buffer overflow in a susceptible computing device in order to corrupt a procedure return address and transfer control to malicious code. These buffer overflow attacks are often employed to recruit oblivious hosts into distributed denial of service (DDoS) attack networks, which ultimately launch devastating DDoS attacks against victim networks or machines. In spite of existing software countermeasures that seek to prevent buffer overflow exploits, many systems remain vulnerable. In this paper, we describe a hardware-based secure return address stack (SRAS), which prevents malicious code injection involving procedure return address corruption. Implementing this special hardware stack only requires low cost modifications to the processor and operating system. This enables the hardware protection to be applied to both legacy executable code and new programs. Also, this hardware defense has a negligible impact on performance in the applications examined. The security offered by this hardware solution complements rather than replaces that provided by existing static software techniques. Thus, we detail how the combination of the proposed secure return address stack and software defenses enables comprehensive multi-layer protection against buffer overflow attacks and malicious code injection.