Security protection and checking for embedded system integration against buffer overflow attacks via hardware/software

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

77 Scopus Citations
View graph of relations

Author(s)

  • Zili Shao
  • Qingfeng Zhuge
  • Meikang Qiu
  • Bin Xiao
  • Edwin H.-M. Sha

Detail(s)

Original languageEnglish
Pages (from-to)443-453
Journal / PublicationIEEE Transactions on Computers
Volume55
Issue number4
Publication statusPublished - Apr 2006
Externally publishedYes

Abstract

With more embedded systems networked, it becomes an important problem to effectively defend embedded systems against buffer overflow attacks. Due to the increasing complexity and strict requirements, off-the-shelf software components are widely used in embedded systems, especially for military and other critical applications. Therefore, in addition to effective protection, we also need to provide an approach for system integrators to efficiently check whether software components have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique to perform protection and checking together. Our basic idea is to design secure call instructions so systems can be secured and checking can be easily performed. In the paper, we classify buffer overflow attacks into two categories and provide two corresponding defending strategies. We analyze the HSDefender technique with respect to hardware cost, security, and performance. We experiment with our HSDefender technique on the SimpleScalar/ARM simulator with benchmarks from MiBench, an embedded benchmark suite. The results show that our HSDefender technique can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work. © 2006 IEEE.

Research Area(s)

  • Buffer overflow attack, Embedded system, Hardware/software, Protection, Security

Citation Format(s)

Security protection and checking for embedded system integration against buffer overflow attacks via hardware/software. / Shao, Zili; Xue, Chun; Zhuge, Qingfeng; Qiu, Meikang; Xiao, Bin; Sha, Edwin H.-M.

In: IEEE Transactions on Computers, Vol. 55, No. 4, 04.2006, p. 443-453.

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review