Security protection and checking in embedded system integration against buffer overflow attacks

Zili Shao; Chun Xue; Qingfeng Zhuge; Edwin H.M. Sha; Bin Xiao

Security protection and checking in embedded system integration against buffer overflow attacks

Zili Shao^*
, Chun Xue
, Qingfeng Zhuge
, Edwin H.M. Sha
, Bin Xiao

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

12 Scopus citations

Abstract

With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.

Original language	English
Title of host publication	International Conferen ON Information Technology
Subtitle of host publication	Coding Computing, ITCC 2004
Editors	P.K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, R. Hashemi
Pages	409-413
Number of pages	5
State	Published - 2004
Externally published	Yes
Event	International Conference on Information Technology: Coding Computing, ITCC 2004 - Las Vegas, NV, United States Duration: 5 Apr 2004 → 7 Apr 2004

Publication series

Name	International Conference on Information Technology: Coding Computing, ITCC
Volume	1

Conference

Conference	International Conference on Information Technology: Coding Computing, ITCC 2004
Country/Territory	United States
City	Las Vegas, NV
Period	5/04/04 → 7/04/04

Cite this

Shao, Z., Xue, C., Zhuge, Q., Sha, E. H. M., & Xiao, B. (2004). Security protection and checking in embedded system integration against buffer overflow attacks. In P. K. Srimani, A. Abraham, M. Cannataro, J. Domingo-Ferrer, & R. Hashemi (Eds.), International Conferen ON Information Technology: Coding Computing, ITCC 2004 (pp. 409-413). (International Conference on Information Technology: Coding Computing, ITCC; Vol. 1).

Shao, Zili ; Xue, Chun ; Zhuge, Qingfeng et al. / Security protection and checking in embedded system integration against buffer overflow attacks. International Conferen ON Information Technology: Coding Computing, ITCC 2004. editor / P.K. Srimani ; A. Abraham ; M. Cannataro ; J. Domingo-Ferrer ; R. Hashemi. 2004. pp. 409-413 (International Conference on Information Technology: Coding Computing, ITCC).

@inproceedings{391f1dbfe74a4e8ea591963744806833,

title = "Security protection and checking in embedded system integration against buffer overflow attacks",

abstract = "With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.",

author = "Zili Shao and Chun Xue and Qingfeng Zhuge and Sha, \{Edwin H.M.\} and Bin Xiao",

year = "2004",

language = "英语",

isbn = "0769521088",

series = "International Conference on Information Technology: Coding Computing, ITCC",

pages = "409--413",

editor = "P.K. Srimani and A. Abraham and M. Cannataro and J. Domingo-Ferrer and R. Hashemi",

booktitle = "International Conferen ON Information Technology",

note = "International Conference on Information Technology: Coding Computing, ITCC 2004 ; Conference date: 05-04-2004 Through 07-04-2004",

}

Shao, Z, Xue, C, Zhuge, Q , Sha, EHM & Xiao, B 2004, Security protection and checking in embedded system integration against buffer overflow attacks. in PK Srimani, A Abraham, M Cannataro, J Domingo-Ferrer & R Hashemi (eds), International Conferen ON Information Technology: Coding Computing, ITCC 2004. International Conference on Information Technology: Coding Computing, ITCC, vol. 1, pp. 409-413, International Conference on Information Technology: Coding Computing, ITCC 2004, Las Vegas, NV, United States, 5/04/04.

Security protection and checking in embedded system integration against buffer overflow attacks. / Shao, Zili; Xue, Chun; Zhuge, Qingfeng et al.
International Conferen ON Information Technology: Coding Computing, ITCC 2004. ed. / P.K. Srimani; A. Abraham; M. Cannataro; J. Domingo-Ferrer; R. Hashemi. 2004. p. 409-413 (International Conference on Information Technology: Coding Computing, ITCC; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Security protection and checking in embedded system integration against buffer overflow attacks

AU - Shao, Zili

AU - Xue, Chun

AU - Zhuge, Qingfeng

AU - Sha, Edwin H.M.

AU - Xiao, Bin

PY - 2004

Y1 - 2004

N2 - With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.

AB - With more embedded systems networked, it becomes an important research problem to effectively defend embedded systems against buffer overflow attacks and efficiently check if systems have been protected. In this paper, we propose the HSDefender (Hardware/Software Defender) technique that considers the protection and checking together to solve this problem. Our basic idea is to design a secure instruction set and require third-party software developers to use secure instructions to call functions. Then the security checking can be easily performed by system integrators even without the knowledge of the source code. We first classify buffer overflow attacks into two categories, stack smashing attacks and function pointer attacks, and then provide two corresponding defending strategies. We analyze the HSDefender technique in respect of hardware cost, security, and performance, and experiment with it on the SimpleScalar/ARM simulator using benchmarks from MiBench. The results show that HSDefender can defend a system against more types of buffer overflow attacks with less overhead compared with the previous work.

UR - https://www.scopus.com/pages/publications/3042590891

M3 - 会议稿件

AN - SCOPUS:3042590891

SN - 0769521088

T3 - International Conference on Information Technology: Coding Computing, ITCC

SP - 409

EP - 413

BT - International Conferen ON Information Technology

A2 - Srimani, P.K.

A2 - Abraham, A.

A2 - Cannataro, M.

A2 - Domingo-Ferrer, J.

A2 - Hashemi, R.

T2 - International Conference on Information Technology: Coding Computing, ITCC 2004

Y2 - 5 April 2004 through 7 April 2004

ER -

Shao Z, Xue C, Zhuge Q , Sha EHM, Xiao B. Security protection and checking in embedded system integration against buffer overflow attacks. In Srimani PK, Abraham A, Cannataro M, Domingo-Ferrer J, Hashemi R, editors, International Conferen ON Information Technology: Coding Computing, ITCC 2004. 2004. p. 409-413. (International Conference on Information Technology: Coding Computing, ITCC).

Security protection and checking in embedded system integration against buffer overflow attacks

Abstract

Publication series

Conference

Other files and links

Fingerprint

Cite this