Despite the fact that protection mechanisms like StackGuard, ASLR and NX are widespread, the development on new defense strategies against stack-based buffer overflows has not yet come to an end. In this article, we present a novel compiler-level protection called SCADS: Separated Control and Data Stacks that protects return addresses and saved frame pointers on a separate stack, called the control stack. In common computer programs, a single user mode stack is used to store control information next to data buffers. By separating control information from the data stack, we can protect sensitive pointers of a program’s control flow from being overwritten by buffer overflows. To substantiate the practicability of our approach, we provide SCAD...
C, C++ and most other popular low-level languages delegate memory management to the programmer, freq...
The vast majority of software vulnerabilities still originates from buffer overflows. Many different...
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the...
This paper presents a systematic solution to the per-sistent problem of buffer overflow attacks. Buf...
Buffer overflow attack can inflict upon almost arbitrary programs and is one of the most common vuln...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Stack shielding technologies have been developed to protect programs against exploitation of stack b...
Buffer overflow happens when the runtime process loads more data into the buffer than its design cap...
Buffer overflow vulnerabilities are the most prevalent security vulnerabilities; they are responsibl...
Manipulations of return addresses on the stack are the basis for a variety of attacks on programs wr...
Buffer Overflow (BOF) has been a ubiquitous security vulnerability for more than three decades, pote...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract Buffer overflow poses a serious threat to the memory security of modern operating systems. ...
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow I...
Memory corruption vulnerabilities, such as stack-based buffer overflows, continue to be a major thre...
C, C++ and most other popular low-level languages delegate memory management to the programmer, freq...
The vast majority of software vulnerabilities still originates from buffer overflows. Many different...
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the...
This paper presents a systematic solution to the per-sistent problem of buffer overflow attacks. Buf...
Buffer overflow attack can inflict upon almost arbitrary programs and is one of the most common vuln...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Stack shielding technologies have been developed to protect programs against exploitation of stack b...
Buffer overflow happens when the runtime process loads more data into the buffer than its design cap...
Buffer overflow vulnerabilities are the most prevalent security vulnerabilities; they are responsibl...
Manipulations of return addresses on the stack are the basis for a variety of attacks on programs wr...
Buffer Overflow (BOF) has been a ubiquitous security vulnerability for more than three decades, pote...
Control-flow hijacking attacks allow adversaries to take over seemingly benign software, e.g., a web...
Abstract Buffer overflow poses a serious threat to the memory security of modern operating systems. ...
Control-Flow Hijacking attacks are the dominant attack vector against C/C++ programs. Control-Flow I...
Memory corruption vulnerabilities, such as stack-based buffer overflows, continue to be a major thre...
C, C++ and most other popular low-level languages delegate memory management to the programmer, freq...
The vast majority of software vulnerabilities still originates from buffer overflows. Many different...
Buffer overflow vulnerabilities are caused by programming errors that allow an attacker to cause the...