Mike Frantzen
CERIAS
frantzen@cerias.purdue.edu
Mike Shuey
Engineering Computer Network
shuey@ecn.purdue.edu
Our implementation called StackGhost under OpenBSD 2.8 acts as a ghost in the machine. StackGhost advances exploit prevention in that it protects every application run on the system without their knowledge nor does it require their source or binary modification.
We will document several of the methods devised to preserve the sanctity of the system and will explore the performance ramifications of StackGhost.