Proceedings of the Detection of Intrusions and Malware and Vulnerability Assessment Conference (DIMVA 2011), pages 194-213
Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2011), edition 8, Amsterdam, 7-8 July 2011
In this paper we present an efficient countermeasure against code injection attacks. Our countermeasure does not rely on secret values such as stack canaries and protects against attacks that are not addressed by state-of-the-art countermeasures of similar performance. By enforcing the correct semantics of code pointers, we thwart attacks that modify code pointers to divert the application's control flow. We have implemented a prototype of our solution in a C compiler for Linux. The evaluation shows that the overhead of using our countermeasure is small and the security benefits are substantial.