We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Improved defense method against non-control-data attacks.
- Authors
LIU Xiao-long; ZHENG Tao
- Abstract
Non-control-data attack is a new attack method which corrupts security data instead of the target program's control data. Existing static analysis methods require recompiling. Dynamic analysis methods have high false-positive and false-negative rate. This paper proposed pointer taint analysis method based on dynamic taint analysis. This method used taint tag and pointer tag to mark memory data. It propagated these two tags during program's execution, and detected attacks when an invalid pointer was dereferenced and this pointer has been manipulated by attackers. It implemented a tool based on dynamic binary instrumentation framework Pin. The results of the experiment show this method can detect control-data attacks and most of non-control-data attacks.
- Subjects
DATA analysis; COMPUTER security; COMPUTER storage devices; COMPUTER programming; COMPUTER systems
- Publication
Application Research of Computers / Jisuanji Yingyong Yanjiu, 2013, Vol 30, Issue 12, p3762
- ISSN
1001-3695
- Publication type
Article
- DOI
10.3969/j.issn.1001-3695.2013.12.063