01-02-2011, 01:29 AM
SigFree: A Signature-Free Buffer Overflow Attack Blocker
Prevention/Detection of Buffer Overflows
six classes of buffer overflows can be exemplified:
-Finding bugs in source code:These are due to the bugs in the source code. The bug-finding techniques belonging to the static analysis has been proposed and they have been implemented in the form of various tools.
-Compiler extensions: a developer can add buffer overflow detection
automatically to a program by using a modified compiler if the source code of the program is made available. Some of the such compilers are StackGuard , ProPolice , and Return Address Defender (RAD).
-OS modifications.: The buffer overflows can be prevented by the modification of some aspects of the OS
-Hardware modifications;: This involves storing all the return addresses in the processor. Thus, no input can change a return address.
-Defense-side obfuscation: This involves Address Space Layout
Randomization (ASLR). This can prevent the exploitation of all memory errors.
For more details on the topic, see the paper here:
http://cse.psu.edu/~szhu/papers/sigfree-journal.pdf