Return to search

Stack Protection Mechanisms In Packet Processing Systems

As the functionality that current computer network can provide is becoming complicated, a traditional router with application-specific integrated circuit (ASIC) implementation can't satisfy the flexibility requirements. Instead, a programmable packet forward system based on a general-purpose processor could provide the flexibility. While this system provides flexibility, a new potential security issue arises. Usually, software is involved as the packet forward system is programmable. The software's potential vulnerability, especially as to the remote exploits, becomes an issue of network security. In this thesis work, we proposed a software stack overflow vulnerability on click modular router and show how a disastrous denial-of-service attack on click modular router could be triggered by a single packet. In our research work, click modular router runs on Linux operating system based on general-purpose hardware. We actually showed that even a software router run within a modern operating system's protection is vulnerable by elaborate attack. And we checked the possible stack protection mechanisms on modern OS based on general-purpose hardware and proposed a possible stack protection mechanism for embedded OS.

Identiferoai:union.ndltd.org:UMASS/oai:scholarworks.umass.edu:theses-2139
Date01 January 2013
CreatorsWu, Peng
PublisherScholarWorks@UMass Amherst
Source SetsUniversity of Massachusetts, Amherst
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceMasters Theses 1911 - February 2014

Page generated in 0.002 seconds