Preventing stack buffer overflow attacks

Information security – Monitoring or scanning of software or data including attack...

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C713S187000, C713S190000

Reexamination Certificate

active

07086088

ABSTRACT:
A method and system for preventing stack buffer overflow attacks in a computer system are disclosed. A computer system can prevent stack buffer overflow attacks by encrypting return addresses prior to pushing them onto the runtime stack. When an encrypted return address is popped off the runtime stack, the computer system decrypts the encrypted return address to determine the actual return address. A random encryption key can be used, which can be generated from the CPU's clock cycle counter. Multitasking environments can add a seed register to the task state so that each task can use a unique seed to encrypt the return addresses.

REFERENCES:
patent: 5881279 (1999-03-01), Lin et al.
patent: 6044220 (2000-03-01), Breternitz, Jr.
Immunix: Adaptive System Survivability, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 2 pages, Mar. 26, 2002.
The IA-32 Intel® Architecture Software Developer's Manual, vol. 3: System Programming Guide, printed from http://www.developer.intel.com/design/pentium4/manuals/245472.htm, 1 page, Apr. 17, 2002.
Immunix.org: The Source for Secure Linux Components and Platforms, printed from http://immunix.org/stackguard.html, 2 pages, Mar. 26, 2002.
StackGuard Mechanism: Stack Integrity Checking, printed from http://immunix.org/StackGuard/mechanism.html, 1 page, Mar. 26, 2002.
Aleph One, “BoS: Smashing The Stack For Fun And Profit”, printed from http://immunix.org/StackGuard/profit.html, 38 pages, Mar. 26, 2002.
Cowan, Crispin et al., “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 15 pages.
Cowan Crispin et al., “Protecting Systems from Stack Smashing Attacks with StackGuard”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 11 pages.
Cowan Crispin et al., “Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade”, printed from http://www.cse.ogi.edu/DISC/projects/immunix, 11 pages, 1999.
Hinton Heather et al., “SAM: Security Adaptation Manager”, 10 pages.
Immunix.org: The Source for Secure Linux Components and Platforms, FormatGuard, printed from http://immunix.org/formatguard.html, 3 pages, Mar. 26, 2002.
Cowan Crispin et al., “FormatGuard: Automatic Protection From printf Format String Vulnerabilities”, WireX Communications, Inc., USENIX Security Symposium, Aug. 2001.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Preventing stack buffer overflow attacks does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Preventing stack buffer overflow attacks, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Preventing stack buffer overflow attacks will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-3661117

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.