Preventing stack overflow using Alternative Stack approaches

Abstract

Buffer overflow marks a phenomenon of a malicious technique employed by attackers, as reported in the NIST statistics. This paper presents a method of implementing a dual stack approach using software to protect the data stack from experiencing the attack by using 3 types of architecture, ranging from parallel program, multi-threading to a simple sequential subroutine. The current research on dual stack may require new hardware or a modified version of compiler which may complicate the implementation. These implementations spark some major issues in code backward compatibility with some changes in the language semantics especially in handling the movement of data to and from the dual stack. This paper discusses the implementation of Alternative Stack prototypes in 3 types of architecture and observation on its behavior during the performance and security test. The test has been benchmarked against the programs that are compiled with Microsoft Security Cookie. The Alternative Stack Architecture 3 prototype displayed a significant performance against the benchmarked programs whilst maintaining the confidentiality, integrity and availability of the programs. © 2018 Authors.