Real-World Buffer Overflow Protection for Userspace and Kernelspace
نویسندگان
چکیده
Despite having been around for more than 25 years, buffer overflow attacks are still a major security threat for deployed software. Existing techniques for buffer overflow detection provide partial protection at best as they detect limited cases, suffer from many false positives, require source code access, or introduce large performance overheads. Moreover, none of these techniques are easily applicable to the operating system kernel. This paper presents a practical security environment for buffer overflow detection in userspace and kernelspace code. Our techniques build upon dynamic information flow tracking (DIFT) and prevent the attacker from overwriting pointers in the application or operating system. Unlike previous work, our technique does not have false positives on unmodified binaries, protects both data and control pointers, and allows for practical hardware support. Moreover, it is applicable to the kernel and provides robust detection of buffer overflows and user/kernel pointer dereferences. Using a full system prototype of a Linux workstation (hardware and software), we demonstrate our security approach in practice and discuss the major challenges for robust buffer overflow protection in real-world software.
منابع مشابه
Dynamic Buffer Overflow Detection
The capabilities of seven dynamic buffer overflow detection tools (Chaperon, Valgrind, CCured, CRED, Insure++, ProPolice and TinyCC) are evaluated in this paper. These tools employ different approaches to runtime buffer overflow detection and range from commercial products to opensource gcc-enhancements. A comprehensive testsuite was developed consisting of specifically-designed test cases and ...
متن کاملELFbac: Using the Loader Format for Intent-Level Semantics and Fine-Grained Protection
Adversaries get software to do bad things by rewriting memory and changing control flow. Current approaches to protecting against these attacks leave many exposures; for example, OS-level filesystem protection and OS/architecture support of the userspace/kernelspace distinction fail to protect corrupted userspace code from changing userspace data. In this paper we present a new approach: using ...
متن کاملA Lightweight Buffer Overflow Protection Mechanism with Failure-Oblivious Capability
Buffer overflow has become a major source of network security vulnerability. Traditional schemes for detecting buffer overflow attacks usually terminate the attacked service, degrading the service availability. In this paper, we propose a lightweight buffer overflow protection mechanism that allows continued network service. The proposed mechanism allows a service program to reconfigure itself ...
متن کاملLibsafe: Transparent System-wide Protection Against Buffer Overflow Attacks
Libsafe is a practical solution that protects against the most common forms of buffer overflow attacks. Such attacks often result in granting the attacker full privileges on the target system. Libsafe is implemented as a shared library that intercepts calls to vulnerable standard library functions. Based on an inspection of the process stack and the function arguments, Libsafe ensures that no r...
متن کاملModel - Checking : Benchmarking and Techniques for Buffer Overflow Analysis by Kelvin Ku A thesis submitted in conformity with the requirements
Software Model-Checking: Benchmarking and Techniques for Buffer Overflow Analysis Kelvin Ku Master of Science Graduate Department of Computer Science University of Toronto 2008 Software model-checking based on abstraction-refinement has recently achieved widespread success in verifying critical properties of real-world device drivers. We believe this success can be replicated for the problem of...
متن کامل