Defeating memory corruption attacks via pointer taintedness detection
作者: Shuo Chen , Jun Xu , N. Nakka , Z. Kalbarczyk , R.K. Iyer
DOI: 10.1109/DSN.2005.36
关键词:
摘要: Most malicious attacks compromise system security through memory corruption exploits. Recently proposed techniques attempt to defeat these by protecting program control data. We have constructed a new class of that can network applications without tampering with any These non-control data represent challenge security. In this paper, we propose an architectural technique both and based on the notion pointer taintedness. A is said be tainted if user input used as value. attack detected whenever value dereferenced during execution. The architecture implemented SimpleScalar processor simulator evaluated using synthetic programs well real-world applications. Our effectively detect attacks, it offers better coverage than current methods. transparent existing programs.
computer.org
sci-hub.se 参考文章(16)
James C. Foster, Vitaly Osipov, Nish Bhalla, Niels Heinen, Dave Aitel, Format String Attacks Buffer Overflow Attacks#R##N#Detect, Exploit, Prevent. pp. 273- 315 ,(2005) , 10.1016/B978-193226667-2/50047-5
Daniel C. DuVarney, Sandeep Bhatkar, R. Sekar, Address obfuscation: an efficient approach to combat a board range of memory error exploits usenix security symposium. pp. 8- 8 ,(2003)
Navjot Singh, Arash Baratloo, Timothy Tsai, Transparent run-time defense against stack smashing attacks usenix annual technical conference. pp. 21- 21 ,(2000)
David Wagner, Kunal Talwar, Jeffrey S. Foster, Umesh Shankar, Detecting format string vulnerabilities with type qualifiers usenix security symposium. pp. 16- 16 ,(2001)
Shuo Chen, Karthik Pattabiraman, Zbigniew Kalbarczyk, Ravi K. Iyer, Formal Reasoning of Various Categories of Widely Exploited Security Vulnerabilities Using Pointer Taintedness Semantics information security conference. pp. 83- 99 ,(2004) , 10.1007/1-4020-8143-X_6
Eric A. Brewer, Alexander Aiken, David A. Wagner, Jeffrey S. Foster, A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities. network and distributed system security symposium. ,(2000)
Perry Wagle, Jonathan Walpole, Calton Pu, Steve Beattie, Aaron Grier, Crispin Cowan, Heather Hintony, Qian Zhang, Peat Bakke, Dave Maier, StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks usenix security symposium. pp. 5- 5 ,(1998)
Doug Burger, Todd M. Austin, The SimpleScalar tool set, version 2.0 ACM Sigarch Computer Architecture News. ,vol. 25, pp. 13- 25 ,(1997) , 10.1145/268806.268810
Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, Dan Boneh, On the effectiveness of address-space randomization computer and communications security. pp. 298- 307 ,(2004) , 10.1145/1030083.1030124
B.V. Chess, Improving computer security using extended static checking ieee symposium on security and privacy. pp. 160- 173 ,(2002) , 10.1109/SECPRI.2002.1004369