A Hardware Protection Device against Buffer Overflow Attack

A buffer overflow and hardware protection technology, applied in the direction of platform integrity maintenance, etc., can solve problems such as program crash, increase software complexity, increase system burden, etc., and achieve the effect of high execution efficiency, increased security, and good portability.

Active Publication Date: 2018-12-18
BEIHANG UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) The above protection methods against buffer overflow attacks are all from the perspective of software, which will increase the complexity of the software, and the code itself as the protection function is also the object of attack, which cannot resist physical attacks
[0006] (2) The current defense method will increase the burden on the system and affect the performance of the processor
At the same time, it is also easy to cause the program to crash when running

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Hardware Protection Device against Buffer Overflow Attack
  • A Hardware Protection Device against Buffer Overflow Attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] See figure 1 , figure 2 As shown, its specific implementation is as follows:

[0029] The present invention designs a hardware protection device against buffer overflow attacks, which mainly consists of the following parts. SPI (Serial Peripheral Interface) module, processor interface module. The internal processing module mainly includes a counter module, a safety mark module, and a memory control module. The relationship between them is that the memory control module is the most important module, and other modules are connected around it. Wherein the SPI module provides a download interface for it; the memory control module is connected with the processor through the processor interface; the check value used by the hash to calculate the code is stored in the storage module of the memory control module.

[0030] figure 1 The architecture of the hardware protection device is described. Before it works, the executable code part of the extraction tool needs to be ex...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a hardware protection module aiming at overflow attacks of a buffer area. The hardware protection module is directly connected with a processor to monitor an executing process of a program, and consists of four parts including a serial peripheral interface module namely an SPI module, a processor interface module, a memory control module and a security label module, wherein the memory control module is a kernel module, other modules are connected by taking the memory control module as a center, the SPI module provides a data download interface for the memory control module, the processor interface module provides a processor interface for the memory control module, and the security label module performs encryption processing on data stored in the memory control module. The security of the hardware protection module provided by the invention is stronger than that of general software protection, and meanwhile, the hardware protection module reduces the overhead of hardware resources, does not occupy memory resources of a system, is high in execution efficiency, has good portability, and can adapt to processors with different frameworks by only modifying a few key parameters.

Description

technical field [0001] The invention provides a hardware protection device for buffer overflow attack, which relates to a hardware protection device for buffer overflow attack of an embedded processor. The invention belongs to the technical field of embedded system security. Background technique [0002] Buffer overflow is a very common and dangerous vulnerability, and has become one of the most important security threats today. In various security reports, buffer overflow vulnerabilities are always a very important part. Buffer overflow attacks are easily exploited by attackers, because languages ​​such as C and C++ do not automatically detect buffer overflow operations, and it is difficult for programmers to always check whether buffer overflows may occur when writing code. Using overflow, attackers can write desired data anywhere in the vulnerable program memory, even including key data that controls the program execution flow (such as the return address after a functio...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/52
CPCG06F21/52
Inventor 王翔庞树松王维克赵宗民何展宏王晓翠徐洋
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap