Krerk Piromsopa, Matthew R. Fletcher, and Richard J. Enbody
We propose a new, minimalist architectural approach, Secure Bit, to protect against buffer-overflow and function-pointer attacks. In this paper we present a scheme to manage Secure Bits. Secure Bit is almost completely transparent to software and has little run-time performance penalty. The goal of Secure Bit is to provide hardware support to protect against current and future generations of buffer-overflow attacks by protecting the integrity of addresses. Included is a reference to our proof that validates the mechanism of the Secure Bit. Robustness and transparency are demonstrated by emulating the hardware, booting Linux on the emulator, and running application software.
You are granted permission for the non-commercial reproduction, distribution, display, and performance of this technical report in any format.