Sciweavers

DSN
2005
IEEE

Defeating Memory Corruption Attacks via Pointer Taintedness Detection

14 years 6 months ago
Defeating Memory Corruption Attacks via Pointer Taintedness Detection
Most malicious attacks compromise system security through memory corruption exploits. Recently proposed techniques attempt to defeat these attacks by protecting program control data. We have constructed a new class of attacks that can compromise network applications without tampering with any control data. These non-control data attacks represent a new challenge to system security. In this paper, we propose an architectural technique to defeat both control data and non-control data attacks based on the notion of pointer taintedness. A pointer is said to be tainted if user input can be used as the pointer value. A security attack is detected whenever a tainted value is dereferenced during program execution. The proposed architecture is implemented on the SimpleScalar processor simulator and is evaluated using synthetic programs as well as real-world network applications. Our technique can effectively detect both control data and noncontrol data attacks, and it offers better security co...
Shuo Chen, Jun Xu, Nithin Nakka, Zbigniew Kalbarcz
Added 24 Jun 2010
Updated 24 Jun 2010
Type Conference
Year 2005
Where DSN
Authors Shuo Chen, Jun Xu, Nithin Nakka, Zbigniew Kalbarczyk, Ravishankar K. Iyer
Comments (0)