Abstract

Most malicious attacks compromise system security through memory corruption exploits. Recently proposed techniques attempt to defeat these attacks by protecting program control data. We have constructed a new class of attacks that can compromise network applications without tampering with any control data. These non-control data attacks represent a new challenge to system security. In this paper, we propose an architectural technique to defeat both control data and non-control data attacks based on the notion of pointer taintedness. A pointer is said to be tainted if user input can be used as the pointer value. A security attack is detected whenever a tainted value is dereferenced during program execution. The proposed architecture is implemented on the SimpleScalar processor simulator and is evaluated using synthetic programs as well as real-world network applications. Our technique can effectively detect both control data and non-control data attacks, and it offers better security coverage than current methods. The proposed architecture is transparent to existing programs.

Original languageEnglish (US)
Pages378-387
Number of pages10
StatePublished - 2005
Event2005 International Conference on Dependable Systems and Networks - Yokohama, Japan
Duration: Jun 28 2005Jul 1 2005

Other

Other2005 International Conference on Dependable Systems and Networks
Country/TerritoryJapan
CityYokohama
Period6/28/057/1/05

Keywords

  • Attack
  • Hardware Design
  • Security
  • Taintedness
  • Vulnerability

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Defeating memory corruption attacks via pointer taintedness detection'. Together they form a unique fingerprint.

Cite this