Abstract

Most malicious attacks compromise system security through memory corruption exploits. Recently proposed techniques attempt to defeat these attacks by protecting program control data. We have constructed a new class of attacks that can compromise network applications without tampering with any control data. These non-control data attacks represent a new challenge to system security. In this paper, we propose an architectural technique to defeat both control data and non-control data attacks based on the notion of pointer taintedness. A pointer is said to be tainted if user input can be used as the pointer value. A security attack is detected whenever a tainted value is dereferenced during program execution. The proposed architecture is implemented on the SimpleScalar processor simulator and is evaluated using synthetic programs as well as real-world network applications. Our technique can effectively detect both control data and non-control data attacks, and it offers better security coverage than current methods. The proposed architecture is transparent to existing programs.

Original language: English (US)
Pages: 378-387
Number of pages: 10
State: Published - Nov 9 2005
Event: 2005 International Conference on Dependable Systems and Networks - Yokohama, Japan
Duration: Jun 28 2005 to Jul 1 2005

Fingerprint

Data storage equipment
Security systems
Simulators

Keywords

  • Attack
  • Hardware Design
  • Security
  • Taintedness
  • Vulnerability

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Chen, S., Xu, J., Nakka, N., Kalbarczyk, Z., & Iyer, R. K. (2005). Defeating memory corruption attacks via pointer taintedness detection. 378-387. Paper presented at 2005 International Conference on Dependable Systems and Networks, Yokohama, Japan.


Research output: Contribution to conference › Paper

@conference{345cd7ef32f84cf7bde1962a3a8fa248,
title = "Defeating memory corruption attacks via pointer taintedness detection",
keywords = "Attack, Hardware Design, Security, Taintedness, Vulnerability",
author = "Shuo Chen and Jun Xu and Nithin Nakka and Zbigniew Kalbarczyk and Iyer, {Ravishankar K.}",
year = "2005",
month = "11",
day = "9",
language = "English (US)",
pages = "378--387",
note = "2005 International Conference on Dependable Systems and Networks ; Conference date: 28-06-2005 Through 01-07-2005",

}

TY - CONF

T1 - Defeating memory corruption attacks via pointer taintedness detection

AU - Chen, Shuo

AU - Xu, Jun

AU - Nakka, Nithin

AU - Kalbarczyk, Zbigniew

AU - Iyer, Ravishankar K.

PY - 2005/11/9

Y1 - 2005/11/9

KW - Attack

KW - Hardware Design

KW - Security

KW - Taintedness

KW - Vulnerability

UR - http://www.scopus.com/inward/record.url?scp=27544498541&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=27544498541&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:27544498541

SP - 378

EP - 387

ER -