An Architectural Approach to Preventing Code Injection Attacks

Edinburgh, UK June 25-June 28

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/DSN.2007.13

37th Annual IEEE/IFIP International C ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ryan Riley Articles by Xuxian Jiang Articles by Dongyan Xu

	ASCII Text	x
	Ryan Riley, Xuxian Jiang, Dongyan Xu, "An Architectural Approach to Preventing Code Injection Attacks," Dependable Systems and Networks, International Conference on, pp. 30-40, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07), 2007.

	BibTex	x
	@article{ 10.1109/DSN.2007.13, author = {Ryan Riley and Xuxian Jiang and Dongyan Xu}, title = {An Architectural Approach to Preventing Code Injection Attacks}, journal ={Dependable Systems and Networks, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2855-4}, pages = {30-40}, doi = {http://doi.ieeecomputersociety.org/10.1109/DSN.2007.13}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Dependable Systems and Networks, International Conference on TI - An Architectural Approach to Preventing Code Injection Attacks SN - 0-7695-2855-4 SP30 EP40 A1 - Ryan Riley, A1 - Xuxian Jiang, A1 - Dongyan Xu, PY - 2007 KW - Code Injection KW - Secure Memory Architecture VL - 0 JA - Dependable Systems and Networks, International Conference on ER -

Ryan Riley, Purdue University, USA

Xuxian Jiang, George Mason University, USA

Dongyan Xu, Purdue University, USA

Code injection attacks, despite being well researched, continue to be a problem today. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the attacks, however they enforce program layout restrictions and can often times still be circumvented by a determined attacker. We propose a change to the memory architecture of modern processors that addresses the code injection problem at its very root by virtually splitting memory into code memory and data memory such that a processor will never be able to fetch injected code for execution. This virtual split memory system can be implemented as a software only patch to an operating system, and can be used to supplement existing schemes for improved protection. Our experimental results show the system is effective in preventing a wide range of code injection attacks while incurring acceptable overhead.

Index Terms:

Code Injection, Secure Memory Architecture

Citation:

Ryan Riley, Xuxian Jiang, Dongyan Xu, "An Architectural Approach to Preventing Code Injection Attacks," dsn, pp.30-40, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.