Zili Shao, Qingfeng Zhuge, Yi He, Edwin Sha
University of Texas at Dallas
Buffer overflow attacks have been causing serious security problems for decades. With more embedded systems networked, it becomes an important research problem to defend embedded systems against buffer overflow attacks. In this paper, we propose the Hardware/Software Address Protection (HSAP) technique to defend embedded systems against buffer overflow attacks. We first classify buffer overflow attacks into three categories and then provide three defending strategies correspondingly. We show that the HSAP technique can be applied to any type of processors to defend against buffer overflow attacks. We use four classes of processors to illustrate that the applicability of our technique is independent of architectures. We experiment with our HSAP technique in ARM Evaluator-7T simulation development environments. The results show that our HSAP technique provides a much better security with little overhead compared with previous work.
Keywords: Buffer overflow, Embedded systems, Hardware/Software, Defend
Read Paper (in PDF)