A memory access validation scheme against payload injection attacks

Authors:
Dongkyun Ahn;Gyungho Lee
Affiliations:
University of Illinois at Chicago, Chicago, IL;Korea University, Seoul, Korea
Venue:
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Year:
2012

Citing 12
Cited 0

Secure program execution via dynamic information flow tracking

ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
On the effectiveness of address-space randomization

Proceedings of the 11th ACM conference on Computer and communications security
Minos: Control Data Attack Prevention Orthogonal to Memory Model

Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Microarchitectural Protection Against Stack-Based Buffer Overflow Attacks

IEEE Micro
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks

Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Raksha: a flexible information flow architecture for software security

Proceedings of the 34th annual international symposium on Computer architecture
Valgrind: a framework for heavyweight dynamic binary instrumentation

Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
StackGhost: Hardware facilitated stack protection

SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Control-flow integrity principles, implementations, and applications

ACM Transactions on Information and System Security (TISSEC)
Return-oriented programming without returns

Proceedings of the 17th ACM conference on Computer and communications security
Return-Oriented Programming: Systems, Languages, and Applications

ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
Control-flow integrity principles, implementations, and applications

ACM Transactions on Information and System Security (TISSEC)

Quantified Score

Hi-index	0.00

Visualization

Abstract

The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.