Extended Protection against Stack Smashing Attacks without Performance Loss

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Yves Younan Articles by Davide Pozza Articles by Frank Piessens Articles by Wouter Joosen

22nd Annual Computer Security Applications Conference (ACSAC'06)

Miami Beach, Florida, USA

December 11-December 15

ISBN: 0-7695-2716-7

	ASCII Text	x
	Yves Younan, Davide Pozza, Frank Piessens, Wouter Joosen, "Extended Protection against Stack Smashing Attacks without Performance Loss," Computer Security Applications Conference, Annual, pp. 429-438, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/ACSAC.2006.27, author = {Yves Younan and Davide Pozza and Frank Piessens and Wouter Joosen}, title = {Extended Protection against Stack Smashing Attacks without Performance Loss}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2006}, issn = {1063-9527}, pages = {429-438}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.27}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Extended Protection against Stack Smashing Attacks without Performance Loss SN - 1063-9527 SP429 EP438 A1 - Yves Younan, A1 - Davide Pozza, A1 - Frank Piessens, A1 - Wouter Joosen, PY - 2006 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

Yves Younan, Katholieke Universiteit Leuven, Belgium

Davide Pozza, Politecnico di Torino, Italy

Frank Piessens, Katholieke Universiteit Leuven, Belgium

Wouter Joosen, Katholieke Universiteit Leuven, Belgium

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2006.27

In this paper we present an efficient countermeasure against stack smashing attacks. Our countermeasure does not rely on secret values (such as canaries) and protects against attacks that are not addressed by state-of-the-art countermeasures. Our technique splits the standard stack into multiple stacks. The allocation of data types to one of the stacks is based on the chances that a specific data element is either a target of attacks and/or an attack vector. We have implemented our solution in a C-compiler for Linux. The evaluation shows that the overhead of using our counter-measure is negligible.

Citation:

Yves Younan, Davide Pozza, Frank Piessens, Wouter Joosen, "Extended Protection against Stack Smashing Attacks without Performance Loss," acsac, pp.429-438, 22nd Annual Computer Security Applications Conference (ACSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.