Open AccessPreventing Stack Overflow Using Alternative Stack Approaches
Author(s) -
Khairol Amin Mohd Salleh,
Abdul Rahim Ahmad,
Roslan Ismail
Publication year - 2018
Publication title -
international journal of engineering and technology
Language(s) - English
Resource type - Journals
ISSN - 2227-524X
DOI - 10.14419/ijet.v7i4.35.22739
Subject(s) - computer science , call stack , subroutine , nist , stack (abstract data type) , compiler , implementation , operating system , programming language , natural language processing
Buffer overflow marks a phenomenon of a malicious technique employed by attackers, as reported in the NIST statistics. This paper presents a method of implementing a dual stack approach using software to protect the data stack from experiencing the attack by using 3 types of architecture, ranging from parallel program, multi-threading to a simple sequential subroutine. The current research on dual stack may require new hardware or a modified version of compiler which may complicate the implementation. These implementations spark some major issues in code backward compatibility with some changes in the language semantics especially in handling the movement of data to and from the dual stack. This paper discusses the implementation of Alternative Stack prototypes in 3 types of architecture and observation on its behavior during the performance and security test. The test has been benchmarked against the programs that are compiled with Microsoft Security Cookie. The Alternative Stack Architecture 3 prototype displayed a significant performance against the benchmarked programs whilst maintaining the confidentiality, integrity and availability of the programs.