ProPolice: Protecting from stack-smashing attack

A stack-smashing attack is an attack method that causes services to be
stopped and also allows an attacker to intrude into a system. It exploits a
well-known class of application vulnerability called the buffer overflow
vulnerability. The stack-smashing attack is the most common attack method
reported in UNIX security news reports. In 1999, a vulnerability in IIS
4.0, the popular web server for the Microsoft Windows operating system, was
reported. More than 1.5 million systems were attacked throughout the
world.

This paper presents a systematic solution to the problem of buffer overflow
attacks. Our approach, called ProPolice, provides a protection method
that automatically inserts protection code into an application at compilation
time. The main characteristics of ProPolice are low performance overhead
of the protection code, protection against different varieties of
stack-smashing attacks, and support for various processors.

By: Hiroaki Etoh and Kunikazu Yoda

Published in: RT0371 in 2002

LIMITED DISTRIBUTION NOTICE:

This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties).
