Embedded TaintTracker : Lightweight Run-Time Tracking of Taint Data against Buffer Overflow Attacks

この論文にアクセスする

この論文をさがす

著者

    • LAI Yuan-Cheng
    • Department of Information Management, National Taiwan University of Science and Technology
    • LIN Ying-Dar
    • Department of Computer Science, National Chiao Tung University
    • WU Fan-Cheng
    • Department of Computer Science, National Chiao Tung University
    • HUANG Tze-Yau
    • Department of Computer Science, National Chiao Tung University

抄録

A buffer overflow attack occurs when a program writes data outside the allocated memory in an attempt to invade a system. Approximately forty percent of all software vulnerabilities over the past several years are attributed to buffer overflow. Taint tracking is a novel technique to prevent buffer overflow. Previous studies on taint tracking ran a victim's program on an emulator to dynamically instrument the code for tracking the propagation of taint data in memory and checking whether malicious code is executed. However, the critical problem of this approach is its heavy performance overhead. Analysis of this overhead shows that 60% of the overhead is from the emulator, and the remaining 40% is from dynamic instrumentation and taint information maintenance. This article proposes a new taint-style system called Embedded TaintTracker to eliminate the overhead in the emulator and dynamic instrumentation by compressing a checking mechanism into the operating system (OS) kernel and moving the instrumentation from runtime to compilation time. Results show that the proposed system outperforms the previous work, TaintCheck, by at least 8 times on throughput degradation, and is about 17.5 times faster than TaintCheck when browsing 1KB web pages.

収録刊行物

  • IEICE transactions on information and systems

    IEICE transactions on information and systems 94(11), 2129-2138, 2011-11-01

    一般社団法人 電子情報通信学会

参考文献:  25件中 1-25件 を表示

被引用文献:  1件中 1-1件 を表示

各種コード

  • NII論文ID(NAID)
    10030193803
  • NII書誌ID(NCID)
    AA10826272
  • 本文言語コード
    ENG
  • 資料種別
    ART
  • ISSN
    09168532
  • データ提供元
    CJP書誌  CJP引用  J-STAGE 
ページトップへ