Hardware/software optimization for array & pointer boundary checking against buffer overflow attacks

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journal

6 Scopus Citations
View graph of relations

Author(s)

  • Zili Shao
  • Jiannong Cao
  • Keith C.C. Chan
  • Chun Xue
  • Edwin H.-M. Sha

Detail(s)

Original languageEnglish
Pages (from-to)1129-1136
Journal / PublicationJournal of Parallel and Distributed Computing
Volume66
Issue number9
Publication statusPublished - Sep 2006
Externally publishedYes

Abstract

Malicious intrusions by buffer overflow attacks cause serious security problems and pose serious threats for networks and distributed systems such as clusters, Grids and P2P systems. Array & pointer boundary checking is one of the most effective approaches for defending against buffer overflow attacks. However, a big performance overhead may occur after boundary checking is applied. Typically, it may cause 2-5 times slowdown [T.M. Austin, E.B. Scott, S.S. Gurindar, Efficient detection of all pointer and array access errors, in: Proceedings of the ACM SIGPLAN '94 Conference on Programming Language Design and Implementation, 1994, pp. 290-301; R.W.M. Jones, P.H.J. Kelly, Backwards-compatible bounds checking for arrays and pointers in c programs, in: The Third International Workshop on Automated and Algorithmic Debugging, 1997, pp. 13-26]. In this paper, we propose a hardware/software method to optimize the performance of array & pointer boundary checking by designing a special boundary checking instruction. The experimental results show that our method can effectively reduce the overhead of array & pointer boundary checking. © 2006 Elsevier Inc. All rights reserved.

Research Area(s)

  • Array & pointer boundary checking, Buffer overflow, Hardware/software optimization

Citation Format(s)