loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Author: André Zúquete

Affiliation: IEETA / UA, Portugal

Keyword(s): Buffer overflows, run-time detection, run-time correctness assessment, damage containment, dependability.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Data Engineering ; Data Privacy and Security ; Databases and Data Security ; Information and Systems Security ; Intrusion Detection & Prevention

Abstract: This paper describes StackFences, a run-time technique for detecting overflows in local variables in C programs. This technique is different from all others developed so far because it tries to detect explicit overflow occurrences, instead of detecting if a particular stack value, namely a return address, was corrupted because of a stack overflow. Thus, StackFences is useful not only for detecting intrusion attempts but also for checking the run-time robustness of applications. We also conceived different policies for deploying StackFences, allowing a proper balancing between detection accuracy and performance. Effectiveness tests confirmed that all overflows in local variables are detected before causing any severe damage. Performance tests ran with several tools and parameters showed an acceptable performance degradation.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 44.206.227.65

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Zúquete, A. (2004). STACKFENCES: A RUN-TIME APPROACH FOR DETECTING STACK OVERFLOWS. In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE; ISBN 972-8865-15-5; ISSN 2184-3236, SciTePress, pages 76-84. DOI: 10.5220/0001398000760084

@conference{icete04,
author={André Zúquete.},
title={STACKFENCES: A RUN-TIME APPROACH FOR DETECTING STACK OVERFLOWS},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE},
year={2004},
pages={76-84},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001398000760084},
isbn={972-8865-15-5},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE
TI - STACKFENCES: A RUN-TIME APPROACH FOR DETECTING STACK OVERFLOWS
SN - 972-8865-15-5
IS - 2184-3236
AU - Zúquete, A.
PY - 2004
SP - 76
EP - 84
DO - 10.5220/0001398000760084
PB - SciTePress