A Categorized Survey on Buffer Overflow Countermeasures

Abstract: Buffer overflow vulnerability is a fundamental cause for most of the cyber attacks such as server breaking-in, worms, zombies, and botnets, since the attacker gets a capital control over a victim host. Many solutions to the buffer overflow attacks have been proposed in the last decade. However, on a routine basis new buffer overflow vulnerabilities are still discovered and reported. Since almost all existing solutions to the buffer overflow attack problem require significant modification to the computing infrastructure in which network applications are developed or executed, and thus have met considerable resistance in actual deployment. This paper is aimed to provide a categorized survey for the existing countermeasures to buffer overflow attack. A categorized survey is necessary in this field because researchers have proposed many software-based and hardware based countermeasures for buffer overflow exploits. These methods differ from one another in the strength of protection provided, the effects on performance, and the easiness of deployment. Finally, the paper compares the effectiveness, performance and limitations of the different category.

Keywords: Buffer overflow attack, Cyber security, Operating System, Computer Architecture