In this paper, we examine the possibility of using virtualization to implement a countermeasure that protects against buffer overflow attacks. The countermeasure works by adding a few extra instructions to the architecture that are emulated by the hypervisor. After running performance benchmarks, a high overhead was observed. Our proof of concept software implementation illustrates that the proposed approach is feasible and that the hardware implementation confirms a negligible overhead.
展开▼
