Architecture Support for Defending Against Buffer Overflow Attacks

Buffer overflow attacks are the predominant threat to the secure operation of network applications and, in particular, Internet-based applications. Stack smashing is a common mode of buffer overflow attack for hijacking system control. This paper evaluates two architecture-based techniques to defend systems against such attacks: (1) the split control and data stack, and (2) the secure return address stack (SRAS). The split stack approach separates the control and data stacks to prevent the function return address from being overwritten. This approach can be implemented with compiler support or with architectural support by modifying the semantics of call and return instructions. The compiler implementation shows slight performance overhead (e.g., 2% for an ftp server), and the architectural support eliminates the overhead of the software solution. The SRAS is a hardware-based solution for detecting attacks. It uses the redundant copy of the return address maintained by the processor to validate return addresses and thereby detect malicious attacks. SRAS has been implemented in the SimpleScalar processor simulator. Simulation results show that the maximum overhead is 0.02% with an SRAS size of 64 entries for SPECINT 2000.
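
The SRAS check described above can be modelled in software. The following C sketch is an added illustration, not code from the paper: it keeps one copy of each return address on a simulated in-memory stack and a second copy in a 64-entry array standing in for the processor-held SRAS, then compares the two on return. The stack layout, the 16-byte buffer, the return address value, and the refusal of a call when the SRAS is full are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SRAS_ENTRIES 64   /* SRAS size quoted in the abstract */
#define STACK_BYTES  256  /* constructed: size of the simulated memory stack */
#define BUF_BYTES    16   /* constructed: local buffer below the return address */
enum { RET_OK = 0, RET_MISMATCH = -1, SRAS_DEPTH_ERR = -2 };

static uint8_t  stack_mem[STACK_BYTES]; /* simulated stack in ordinary memory */
static size_t   sp;                     /* stack pointer, grows downward */
static uint32_t sras[SRAS_ENTRIES];     /* redundant copy held by the "processor" */
static size_t   sras_top;

static void sim_reset(void) { sp = STACK_BYTES; sras_top = 0; }

/* call: push the return address to memory and to the SRAS.
 * Assumption: a full SRAS refuses the call; the abstract gives no policy. */
static int sim_call(uint32_t ret_addr) {
    if (sras_top == SRAS_ENTRIES || sp < sizeof ret_addr) return SRAS_DEPTH_ERR;
    sp -= sizeof ret_addr;
    memcpy(&stack_mem[sp], &ret_addr, sizeof ret_addr);
    sras[sras_top++] = ret_addr;
    return RET_OK;
}

/* return: pop both copies; any difference means the memory copy was altered */
static int sim_ret(uint32_t *target) {
    uint32_t from_mem;
    if (sras_top == 0) return SRAS_DEPTH_ERR;
    memcpy(&from_mem, &stack_mem[sp], sizeof from_mem);
    sp += sizeof from_mem;
    *target = sras[--sras_top];          /* trusted copy */
    return from_mem == *target ? RET_OK : RET_MISMATCH;
}

/* One call whose callee copies n input bytes into a BUF_BYTES buffer unchecked. */
int run_callee(size_t n) {
    uint8_t input[BUF_BYTES + 4];
    uint32_t target;
    memset(input, 0x41, sizeof input);       /* constructed input */
    if (n > sizeof input) n = sizeof input;  /* keep the model inside stack_mem */
    sim_reset();
    if (sim_call(0x00401000u) != RET_OK) return SRAS_DEPTH_ERR; /* constructed address */
    sp -= BUF_BYTES;                         /* allocate the local buffer */
    memcpy(&stack_mem[sp], input, n);        /* modelled unchecked copy */
    sp += BUF_BYTES;                         /* release locals before return */
    return sim_ret(&target);
}

int main(void) { printf("%d %d\n", run_callee(16), run_callee(20)); return 0; }
```

A copy that fits the buffer leaves both copies equal and the return validates; a copy that runs past the buffer changes only the in-memory copy, which the comparison on return flags.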