Sciweavers

EUROSYS
2006
ACM

Practical taint-based protection using demand emulation

14 years 9 months ago
Practical taint-based protection using demand emulation
Many software attacks are based on injecting malicious code into a target host. This paper demonstrates the use of a wellknown technique, data tainting, to track data received from the network as it propagates through a system and to prevent its execution. Unlike past approaches to taint tracking, which track tainted data by running the system completely in an emulator or simulator, resulting in considerable execution overhead, our work demonstrates the ability to dynamically switch a running system between virtualized and emulated execution. Using this technique, we are able to explore hardware support for taint-based protection that is deployable in real-world situations, as emulation is only used when tainted data is being processed by the CPU. By modifying the CPU, memory, and I/O devices to support taint tracking and protection, we guarantee that data received from the network may not be executed, even if it is written to, and later read from disk. We demonstrate near native spee...
Alex Ho, Michael A. Fetterman, Christopher Clark,
Added 10 Mar 2010
Updated 10 Mar 2010
Type Conference
Year 2006
Where EUROSYS
Authors Alex Ho, Michael A. Fetterman, Christopher Clark, Andrew Warfield, Steven Hand
Comments (0)