Resumen de An effective taint‐based software vulnerability miner - Dialnet

Ir al contenido

Ayuda

Resumen de An effective taint‐based software vulnerability miner

Zhi Liu, Xiaosong Zhang, Yue Wu, Chen Ting

Purpose – The purpose of this paper is to propose an approach to detect Indirect Memory‐Corruption Exploit (IMCE) at runtime on binary code, which is often caused by integer conversion error. Real‐world attacks were evaluated for experimentation.

Design/methodology/approach – Current dynamic analysis detects attacks by enforcing low level policy which can only detect control‐flow hijacking attack. The proposed approach detects IMCE with high level policy enforcement using dynamic taint analysis. Unlike low‐level policy enforced on instruction level, the authors' policy is imposed on memory operation routine. The authors implemented a fine‐grained taint analysis system with accurate taint propagation for detection.

Findings – Conversion errors are common and most of them are legitimate. Taint analysis with high‐level policy can accurately block IMCE but have false positives. Proper design of data structures to maintain taint tag can greatly improve overhead.

Originality/value – This paper proposes an approach to block IMCE with high‐level policy enforcement using taint analysis. It has very low false negatives, though still causes certain false positives. The authors made several implementation contributions to strengthen accuracy and performance.

Fundación Dialnet

Acceso de usuarios registrados

Imagen de identificación

¿Olvidó su contraseña?

¿Es nuevo? Regístrese

Ventajas de registrarse

Dialnet Plus

© 2001-2024 Fundación Dialnet · Todos los derechos reservados

Coordinado por: