2012 | OriginalPaper | Buchkapitel
A Memory Access Validation Scheme against Payload Injection Attacks
verfasst von : Dongkyun Ahn, Gyungho Lee
Erschienen in: Research in Attacks, Intrusions, and Defenses
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.