Sciweavers

CCS
2009
ACM

Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks

14 years 4 months ago
Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks
Despite the many efforts made in recent years to mitigate runtime attacks such as stack and heap based buffer overflows, these attacks are still a common security concern in today's computing platforms. Attackers have even found new ways to enforce runtime attacks including use of a technique called return-oriented programming. Trusted Computing provides mechanisms to verify the integrity of all executable content in an operating system. But they only provide integrity at load-time and are not able to prevent or detect runtime attacks. To mitigate return-oriented programming attacks, we propose new runtime integrity monitoring techniques that use tracking instrumentation of program binaries based on taint analysis and dynamic tracing. We also describe how these techniques can be employed in a dynamic integrity measurement architecture (DynIMA). In this way we fill the gap between static load-time and dynamic runtime attestation and, in particular, extend trusted computing techniq...
Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy
Added 12 Aug 2010
Updated 12 Aug 2010
Type Conference
Year 2009
Where CCS
Authors Lucas Davi, Ahmad-Reza Sadeghi, Marcel Winandy
Comments (0)