Improvement of tagged architecture for preventing software vulnerabilities

Abstract

In spite of the many defense techniques, software vulnerabilities like buffer overflow, format string vulnerability and integer vulnerability is still exploited by attackers. These software vulnerabilities arise due to programming mistakes which allows security bugs to be exploited. Buffer overflow occurs when buffer is given more data than the capacity of it. Format string vulnerability arises when data supplied by attacker is passed to formatting functions as format string argument. Integer vulnerability occurs when program evaluates an integer to unexpected value due to integer overflows, underflows, truncation errors or signed conversion errors. The hardware based solution called tagged architecture protects a system against mentioned vulnerabilities. In tagged architecture, each memory byte is appended with one tag bit to mark data that comes from I/O. Whenever I/O supplied data is used to transfer control of a system or to access memory, an alert is raised and program is terminated. This thesis proposes a weakness of tagged architecture by finding false positives and false negatives on it. It also proposes the improvements to the tagged architecture to avoid found false positives on it. The prototype implementation of improved tagged architecture is done in SimpleScalar simulator. The SimpleScalar simulator is a architectural simulator. The security evaluation is done for tagged architecture and improved tagged architecture through benchmarks and synthetic vulnerable programs.