Variable Record Table: A Run-time Solution for Mitigating Buffer Overflow Attack

TL;DR

This paper introduces Variable Record Table (VRT), a runtime method that detects buffer overflow attacks by tracking variable memory bounds with minimal overhead, demonstrated on benchmarks and real vulnerabilities.

Contribution

The paper presents VRT, a novel runtime solution that automatically records variable bounds to mitigate buffer overflows with low memory overhead.

Findings

Detects buffer overflow attacks with zero instruction overhead.

Requires up to 13Kb memory for 324 variables.

Effective on benchmark suites and real vulnerabilities.

Abstract

We present a novel approach to mitigate buffer overflow attack using Variable Record Table (VRT). Dedicated memory space is used to automatically record base and bound information of variables extracted during runtime. We instrument frame pointer and function(s) related registers to decode variable memory space in stack and heap. We have modified Simplescalar/PISA simulator to extract variables space of six (6) benchmark suites from MiBench. We have tested 290 small C programs (MIT corpus suite) having 22 different buffer overflow vulnerabilities in stack and heap. Experimental results show that our approach can detect buffer overflow attack with zero instruction overhead with the memory space requirement up to 13Kb to maintain VRT for a program with 324 variables.