Hardware-Based Adversary-Controlled States Tracking
Title | Hardware-Based Adversary-Controlled States Tracking |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Li, W., Ma, Y., Yang, Q., Li, M. |
Conference Name | 2018 IEEE 4th International Conference on Computer and Communications (ICCC) |
ISBN Number | 978-1-5386-8339-2 |
Keywords | classic dynamic taint analysis method, code-reuse attack, composability, control flow, dynamic taint analysis, Hardware, Hardware-based Adversary-controlled States, HAST, Human Behavior, Linux, Linux applications, memory data, memory vulnerabilities, Pipelines, program diagnostics, Programming, pubcrawl, Registers, Resiliency, return oriented programming, rop attacks, Scalability, security of data, Software, software security challenges, target tracking |
Abstract | Return Oriented Programming is one of the most important software security challenges nowadays. It exploits memory vulnerabilities to control the state of the program and hijacks its control flow. Existing defenses usually focus on how to protect the control flow or face the challenge of how to maintain the taint markings for memory data. In this paper, we directly focus on the adversary-controlled states, simplify the classic dynamic taint analysis method to only track registers and propose Hardware-based Adversary-controlled States Tracking (HAST). HAST dynamically tracks registers that may be controlled by the adversary to detect ROP attacks. It is transparent to user applications and makes few modifications to existing hardware. Our evaluation demonstrates that HAST will introduce almost no performance overhead and can effectively detect ROP attacks without false positives on the tested common Linux applications. |
URL | https://ieeexplore.ieee.org/document/8780740 |
DOI | 10.1109/CompComm.2018.8780740 |
Citation Key | li_hardware-based_2018 |