KPDFI: Efficient data flow integrity based on key property against data corruption attack.

Comput. Secur.(2023)

Cited 0|Views21
No score
Data corruption attack (DCA) poses a severe threat to computer systems, corrupting in-memory data subvert the intended control/data flow and impose arbitrary behavior. Data-Flow Integrity (DFI) guaran-tees legal data memory write to prevent it. Unfortunately, DFIs for all data adopt imprecise analysis and generate frequent memory access. Although enforcing DFI for partial data implies fewer checks and less cost, it weakens security. Therefore, existing DFIs suffer from an unsolved paradox: protecting all data limits its performance, and protecting partial data degrades its security. This paper presents KPDFI, a DFI only for DCA-related data, to resolve this paradox. We first propose the Key Property (KP) based on the DCA and a KP-based data selection strategy to define the DCA-related data, called key_data. KPDFI ame-liorates the redundancy of the key_data legal write sets with a more precise field-sensitive and context-sensitive pointer analysis and propagation analysis. Since DCA only makes the data flow of key_data ab normal, KPDFI requires code instrumentation of only a small portion of the program code for DFI check ing. We implement a KPDFI enforcement framework based on LLVM. We conduct numerous assessments for KPDFI. The experimental results prove that KPDFI is a security-enhanced and lightweight approach that mitigates the widespread DCA with an acceptable performance overhead (9.53%).(c) 2023 Elsevier Ltd. All rights reserved.
Translated text
Key words
Data-Flow Integrity,Data corruption attack,Key Property,Software security,Runtime protection
AI Read Science
Must-Reading Tree
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined