Design of experimental test bed to evaluate effectiveness of software protection mechanisms against buffer overflow attacks through emulation

Abstract

To date a number of comprehensive techniques have been proposed to defend against buffer overflow attacks. While in theory these techniques aim to detect and defend against all forms of buffer overflows, in practice attackers constantly find techniques to bypass these protection mechanisms. In addition quite many of the mechanisms proposed in literature are never absorbed into a production system as these techniques suffer from performance issues such as high operational overhead in terms of system memory and/or CPU cycles and incompatibility with legacy systems. Further, none of the proposed security mechanisms guarantee 100% assurance against an attacker. On the other hand with the increase in the amount of digital data and the number of devices connected to the internet, the amount of information lost in the event of a large scale cyber attack is ever increasing. While often theoretical study of security is sufficient to identify the weakness of IT systems, an empirical evaluation is necessary to perform cost benefit benefit between the number computer hijacked (is an indirect measure of amount of information lost) in the event of a large scale cyber attack and the buffer overflow protection mechanism adopted. In this paper we propose an architecture for creation of an experimental test bed to evaluate the effectiveness of a buffer overflow protection mechanism by measuring overhead incurred versus it's effectiveness in defending against a large scale cyber attack.