Practical taint-based protection using demand emulation

Authors: Alex Ho, Michael Fetterman, Christopher Clark, Andrew Warfield, Steven Hand

DOI: 10.1145/1217935.1217939

Abstract: Many software attacks are based on injecting malicious code into a target host. This paper demonstrates the use of a well-known technique, data tainting, to track data received from the network as it propagates through a system and to prevent its execution. Unlike past approaches to taint tracking, which track tainted data by running the system completely in an emulator or simulator, resulting in considerable execution overhead, our work demonstrates the ability to dynamically switch a running system between virtualized and emulated execution. Using this technique, we are able to explore hardware support for taint-based protection that is deployable in real-world situations, as emulation is only used when tainted data is being processed by the CPU. By modifying the CPU, memory, and I/O devices to support taint tracking and protection, we guarantee that data received from the network may not be executed, even if it is written to, and later read from, disk. We demonstrate near native speeds for workloads where little taint data is present.
