Sciweavers

DSN
2007
IEEE

An Architectural Approach to Preventing Code Injection Attacks

14 years 6 months ago
An Architectural Approach to Preventing Code Injection Attacks
Code injection attacks, despite being well researched, continue to be a problem today. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the attacks, however they enforce program layout restrictions and can often times still be circumvented by a determined attacker. We propose a change to the memory architecture of modern processors that addresses the code injection problem at its very root by virtually splitting memory into code memory and data memory such that a processor will never be able to fetch injected code for execution. This virtual split memory system can be implemented as a software only patch to an operating system, and can be used to supplement existing schemes for improved protection. Our experimental results show the system is effective in preventing a wide range of code injection attacks while incurring acceptable overhead.
Ryan Riley, Xuxian Jiang, Dongyan Xu
Added 02 Jun 2010
Updated 02 Jun 2010
Type Conference
Year 2007
Where DSN
Authors Ryan Riley, Xuxian Jiang, Dongyan Xu
Comments (0)