Title: A novel approach against the system buffer overflow

Authors: Yi-Tung F. Chan, Galyna A. Akmayeva, Charles A. Shoniregun

Addresses: University of Wales, King Edward VII Ave., Cardiff CF10 3NS, UK. ' University of Wales, King Edward VII Ave., Cardiff CF10 3NS, UK. ' Infonomics Society, 1 The Greensted, Basildon, Essex, SS14 1SZ, UK

Abstract: The system buffer overflow (SBO) is a universal problem in information security. In the traditional defence mechanisms, the SBO prevents shell code execution and neglect unsuccessful attack that makes system procedures terminate abnormally. In this loophole, attackers can modify the data structure of the control programme procedure such as the return address or the function pointer and then the system programme procedure will be turned to the code-injection attacks (CIA) or the return-into-libc attacks. In this paper, we propose the memory protector (MP) which is a novel solution to prevent the SBO attack. The MP uses Linux operating system to implement the defence mechanism that will prevent the stack-based buffer overflow attack from the malicious CIA, defect and prevent the zero-day-attack, and keeping memory integrity. In this experiment, we choose Linux operating system (Linux 2.4.21) to implement the defence mechanism that will prevent the stack-based buffer overflow attack from the malicious CIA, defect and prevent the zero-day-attack, and keeping memory integrity.

Keywords: memory protector; malicious code attacks; system buffer overflow; SBO attack; information security; Linux operating system; defence mechanism.

DOI: 10.1504/IJITST.2010.031471

International Journal of Internet Technology and Secured Transactions, 2010 Vol.2 No.1/2, pp.32 - 58

Published online: 05 Feb 2010 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article