SmashClean: A hardware level mitigation to stack smashing attacks in OpenRISC

Abstract

Buffer overflow and stack smashing have been one of the most popular software based vulnerabilities in literature. There have been multiple works which have used these vulnerabilities to induce powerful attacks to trigger malicious code snippets or to achieve privilege escalation. In this work, we attempt to implement hardware level security enforcement to mitigate such attacks on OpenRISC architecture. We have analyzed the given exploits [5] in detail and have identified two major vulnerabilities in the exploit codes: memory corruption by non-secure memcpy() and return address modification by buffer overflow. We have individually addressed each of these exploits and have proposed a combination of compiler and hardware level modification to prevent them. The advantage of having hardware level protection against these attacks provides reliable security against the popular software level countermeasures.