Paper Info
Title
HeapDefender: A Mechanism of Defending Embedded Systems against Heap Overflow via Hardware
Abstract
Buffer overflow attacks have been causing serious security problems for decades. While numerous approaches have been proposed to prevent stack overflows, heap overflows remain a security threat and a frequent source of bugs. Embedded systems can be easily attacked by the heap overflow attacks. In this paper, based on analyzing the security of an embedded processor at instruction level, we propose a hardware defense mechanism, Heap Defender, which aims to detect heap buffer overflow attacks. Heap Defender, a module of hardware located the inside of the embedded processor, neither modifies the program nor destroys the pipeline integrity. The instructions parsed in parallel within the Heap Defender are synchronized with the CPU pipeline which makes the Heap Defender have little performance overhead. As demonstrated in an FPGA (Field Programmable Gate Array) prototyping, the experimental results show that Heap Defender can effectively detect heap buffer overflow attacks with around 15% hardware cost overhead and only 0.1% performance penalty.
Year
DOI
Venue
2012
10.1109/UIC-ATC.2012.115
UIC/ATC
Keywords
Field
DocType
hardware defense mechanism,heap overflow attack,heap overflow,security threat,heap buffer overflow attack,serious security problem,hardware cost overhead,embedded processor,heap defender,buffer overflow attack,buffer overflow,embedded system,field programmable gate arrays,instruction sets,parallel programming,security,payloads,pipelines,embedded systems,hardware
Instruction set,Computer science,Heap overflow,Heap (data structure),Real-time computing,Computer hardware,Payload,Central processing unit,Pipeline transport,Field-programmable gate array,Operating system,Embedded system,Buffer overflow
Conference
Citations 
PageRank 
References 
0
0.34
10
Authors
3
Name
Order
Citations
PageRank
Dongfang Li110615.34
Zheng-lin Liu27412.07
Yizhi Zhao300.68