ASID06 - Improving Software Security via Runtime...


Improving Software Security via Runtime Instruction-Level Taint Checking

Jingfei Kong, Cliff C. Zou, Huiyang Zhou
School of Electrical Engineering and Computer Science
University of Central Florida
Orlando, FL 32816
{jfkong,czou,zhou}@cs.ucf.edu

ABSTRACT

Current taint checking architectures monitor tainted data usage mainly with control transfer instructions. An alarm is raised once the program counter becomes tainted. However, such architectures are not effective against non-control data attacks. In this paper we present a generic instruction-level runtime taint checking architecture for handling non-control data attacks. Under our architecture, instructions are classified as either Taintless-Instructions or Tainted-Instructions prior to program execution. An instruction is called a Tainted-Instruction if it is supposed to deal with tainted data. Otherwise it is called a Taintless-Instruction. A security alert is raised whenever a Taintless-Instruction encounters tainted data at runtime. The proposed architecture is implemented on the SimpleScalar simulator. The preliminary results from experiments on SPEC CPU 2000 benchmarks show that there is a significant number of Taintless-Instructions. We also demonstrate effective usages of our architecture to detect buffer overflow and format string attacks.

Categories and Subject Descriptors

C.1 [Processor Architectures]: Miscellaneous; D.4.6 [Operating Systems]: Security and Protection

General Terms

Security, Design, Performance

Keywords

Buffer Overflow, Format String, Hardware Tagging

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. ASID 06 October 21, 2006, San Jose, California, USA. Copyright 2006 ACM 1-59593-576-2 ...$5.00.

1. INTRODUCTION

The increasing size and complexity of modern software systems lead to an increasing number of security vulnerabilities. Well-known examples include buffer overflow, heap corruption, format string, integer overflow, etc. By carefully exploiting these vulnerabilities, attackers may cause severe damage to the running process or even ultimately gain control of victim computers.

During the past decade, numerous schemes have been developed against different kinds of security attacks. Among them, mitigation techniques are one very important defending category since it is always difficult to discover and fix program flaws in advance. As a way of providing additional protection to unsafe systems, mitigation techniques usually try to mitigate the consequence of an attack by stopping the malicious behavior from happening upon attack detection....
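
The check described in the abstract can be modelled in a few lines of C; this is an added sketch, not code from the paper or from its SimpleScalar implementation. The memory layout, the two instruction labels and all function names are constructed for illustration: an unchecked copy of external input spills into an adjacent flag, and the load of that flag, labelled a Taintless-Instruction before execution, raises the alert even though no control transfer ever uses tainted data.

```c
#include <stdio.h>
#include <string.h>
/* Constructed toy model: 16 bytes of memory with one shadow taint bit each. */
#define BUF 0u   /* 8-byte input buffer at mem[0..7] */
#define AUTH 8u  /* security-critical flag right after the buffer */
#define MEM 16u
static unsigned char mem[MEM], taint[MEM];

/* Label assigned to each static instruction before execution. */
typedef struct { const char *name; int taintless; } insn_t;
static const insn_t COPY_INPUT = { "store input byte", 0 }; /* Tainted-Instruction */
static const insn_t LOAD_AUTH = { "load auth flag", 1 };    /* Taintless-Instruction */
static int alerts;

/* Runtime check: a Taintless-Instruction that meets tainted data raises an alert. */
static void check(const insn_t *in, int operand_tainted) {
    if (in->taintless && operand_tainted) {
        alerts++;
        printf("ALERT: '%s' encountered tainted data\n", in->name);
    }
}

/* The bug being modelled: external (tainted) input stored past the buffer end. */
static void copy_input(const char *src, size_t n) {
    for (size_t i = 0; i < n && BUF + i < MEM; i++) {
        check(&COPY_INPUT, 1);              /* expected to handle tainted data */
        mem[BUF + i] = (unsigned char)src[i];
        taint[BUF + i] = 1;                 /* taint travels with the data */
    }
}

/* Returns the alert count; keeps running after an alert so the flag's effect shows. */
int run(const char *input, size_t n, int *granted) {
    memset(mem, 0, sizeof mem);
    memset(taint, 0, sizeof taint);
    alerts = 0;
    copy_input(input, n);
    check(&LOAD_AUTH, taint[AUTH]);
    *granted = mem[AUTH] != 0;  /* no tainted jump target: a PC-taint check is silent */
    return alerts;
}

int main(void) {
    int g, a = run("alice", 5, &g);
    printf("benign:   alerts=%d granted=%d\n", a, g);
    a = run("AAAAAAAA\x01", 9, &g);
    printf("overflow: alerts=%d granted=%d\n", a, g);
    return 0;
}
```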

This note was uploaded on 08/25/2011 for the course EEL 5937 taught by Professor Staff during the Spring '08 term at University of Central Florida.
