SecureC: Control-Flow Protection Against General Buffer Overflow Attack

Edinburgh, Scotland July 26-July 28

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2005.136

29th Annual International Computer So ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles

	ASCII Text	x
	"SecureC: Control-Flow Protection Against General Buffer Overflow Attack," Computer Software and Applications Conference, Annual International, vol. 1, pp. 149-155, 29th Annual International Computer Software and Applications Conference (COMPSAC'05) Volume 1, 2005.

	BibTex	x
	@article{ 10.1109/COMPSAC.2005.136, author = {}, title = {SecureC: Control-Flow Protection Against General Buffer Overflow Attack}, journal ={Computer Software and Applications Conference, Annual International}, volume = {1}, year = {2005}, issn = {0730-3157}, pages = {149-155}, doi = {http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2005.136}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - SecureC: Control-Flow Protection Against General Buffer Overflow Attack SN - 0730-3157 SP149 EP155 PY - 2005 KW - null VL - 1 JA - Computer Software and Applications Conference, Annual International ER -

Increasing damage from computer virus or worms creating significant problems worldwide. These malicious programs take advantage of computer vulnerabilities to distort the control-flow of the target system. Among these vulnerabilities, buffer overflow is most frequently used as a means of intrusion. To protect against buffer overflow attacks, we have developed a source-to-source translator called SecureC. It incorporates two novel protection methods, "shadow stack" and "code pointer protection" that prevent control-flow transfer caused by buffer overflow attacks. Evaluation using 11 SPEC CPU2000 benchmark programs showed that SecureC prevents buffer overflow attacks with only 6.1% performance penalty.

Citation:

"SecureC: Control-Flow Protection Against General Buffer Overflow Attack," compsac, vol. 1, pp.149-155, 29th Annual International Computer Software and Applications Conference (COMPSAC'05) Volume 1, 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.