7th USENIX Security Symposium, 1998
[
Technical Program
]
Pp. 63–78 of the
Proceedings
Next:
Abstract
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton
, Jonathan Walpole,
Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle and Qian Zhang
Department of Computer Science and Engineering
Oregon Graduate Institute of Science & Technology
immunix-request@cse.ogi.edu
,
http
://cse.ogi.edu/DISC/projects/immunix
Introduction
Buffer Overflow Attacks
StackGuard: Making the Stack Safe for Network Access
Detecting Return Address Change Before Return
Randomizing the Canary
Preventing Return Address Changes With MemGuard
Adaptive Defense Strategies
Experimental Results
StackGuard Effectiveness
StackGuard Overhead
Canary StackGuard Overhead
MemGuard StackGuard Overhead
StackGuard Macrobenchmarks
Discussion
Defending Against Future Attacks
Administration and Configuration
Performance Optimizations
Future Work
Related Work
Non-Executable Stack
FreeBSD Stack Integrity Check
Array Bounds Checking for C
Memory Access Checking
Type-Safe Languages
Conclusions
Availability
References
About this document ...
Crispin Cowan
Tue Dec 9 16:04:30 PST 1997
This paper was originally published in the Proceedings of the 7th USENIX Security Symposium, January 26-29, 1998, San Antonio, Texas
Last changed: 12 April 2002 aw
Technical Program
Conference Index
USENIX home
Technical Program