Dynamic Information Flow Tracking

From NUEESS

(Difference between revisions)
Jump to: navigation, search
(Created page with '== Abstract == Dynamic information flow tracking (DIFT) has been an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. Howe…')
(Abstract)
Line 1: Line 1:
== Abstract ==
== Abstract ==
-
Dynamic information flow tracking (DIFT) has been an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffers from large performance degradation and hardware approaches have great logic and storage overhead. In this paper, we propose a flexible, efficient, and light-weight approach to perform DIFT based on secure page allocation, PIFT. Instead of associating each data value with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in different types of memory pages. Our approach is a compile-aided process that allows the compiler to allocate trusted/untrusted information into different memory pages. Our implementation and analysis show that the memory overhead is little, and the approach can protect critical information, like return address, indirect jump address, and system call arguments, from being overwritten by malicious data.
+
Dynamic information flow tracking (DIFT) has been an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffers from large performance degradation and hardware approaches have great logic and storage overhead.  
 +
 
 +
We propose a flexible, efficient, and light-weight approach to perform DIFT based on secure page allocation, PIFT. Instead of associating each data value with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in different types of memory pages.  
 +
 
 +
Our approach is a compile-aided process that allows the compiler to allocate trusted/untrusted information into different memory pages. Our implementation and analysis show that the memory overhead is little, and the approach can protect critical information, like return address, indirect jump address, and system call arguments, from being overwritten by malicious data.

Revision as of 15:26, 27 June 2011

Abstract

Dynamic information flow tracking (DIFT) has been an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffers from large performance degradation and hardware approaches have great logic and storage overhead.

We propose a flexible, efficient, and light-weight approach to perform DIFT based on secure page allocation, PIFT. Instead of associating each data value with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in different types of memory pages.

Our approach is a compile-aided process that allows the compiler to allocate trusted/untrusted information into different memory pages. Our implementation and analysis show that the memory overhead is little, and the approach can protect critical information, like return address, indirect jump address, and system call arguments, from being overwritten by malicious data.





Whos here now:   Members 0   Guests 0   Bots & Crawlers 1
 
Retrieved from "http://nueess.coe.neu.edu/nueess/index.php/Dynamic_Information_Flow_Tracking"
Personal tools