www.SmashGuard.org - Electrical & Computer Engineering

SmashGuard: A Hardware Solution to Prevent
Security Attacks on the Function Return Address

SmashGuard is a hardware-based solution developed by the SmashGuard Group at Purdue University to prevent Buffer-Overflow Attacks realized by overwriting the Function Return Address. At each function call, SmashGuard keeps a copy of the function Return Address written to the program stack in a LIFO buffer on the CPU - the Hardware Stack. When a function returns to its caller (finishes), the Return Addresses in the hardware stack is compared with the Return Address on the program stack. A mismatch signals tampering with the Return Address in the program stack - a sign of a Buffer Overflow attack. In that case, a hardware exception is raised and the process is terminated before the control is redirected to the modified return addresss.

The design of SmashGuard is a kernel patch that supports CPUs modified to support SmashGuard protection. For performance evaluation against Stackguard, we ported StackGuard to Alpha architecture to perform simulations on Simplescalar v.3.0, an Alpha CPU simulator widely used by computer architecture research community. For details please follow the links below:

Stackguard Alpha Port
SmashGuard Tech Report #1 (TR-ECE 02-08) - December 5, 2002
SmashGuard Tech Report #2 (TR-ECE 03-13) - November 22, 2003
SmashGuard Tech Report #2 [update] (TR-ECE 03-13) - February 25, 2004
Article published in the Communications of the ACM - Updated on October 26, 2005...new!