Code injection attacks, despite being well researched, continue to be a problem today. Modern architectural solutions such as the NX-bit and PaX have been useful in limiting the attacks. However, they enforce program layout restrictions and can often times still be circumvented by a determined attacker.
This study propose a change to the memory architecture of modern processors that addresses the code injection problem at its very root by virtually splitting memory into code memory and data memory such that a processor will never be able to fetch injected code for execution. This virtual split memory system can be implemented as a software only patch to an operating system, and can be used to supplement existing schemes for improved protection.
The experimental results has show that the system is effective in preventing a wide range of code injection attacks while incurring acceptable overhead.
