Abstract
The aim of this thesis is the specification, development and empirical
assessment of a new security mechanism Promon capable of protecting existing programs against control flow attacks. Buffer overflows receive special attention, since they are the most common vulnerabilities making control flow attacks possible. The Promon mechanism will not prevent the malicious code from penetrating the program borders, but will detect the penetration and protect the system from harmful action by the malicious code.
The first part of the thesis describes the main parts of a computer system with special focus on the areas related to control flow attacks. After a more detailed look at the causes of control flow attacks we present the various methods for protection against this problem. The last part of the thesis is dedicated to the specification and development of the Promon method and the evaluation of the implementation in terms of performance overhead, completeness etc.