Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
EUROSYS
2006
ACM
2006
ACM
Practical taint-based protection using demand emulation
Many software attacks are based on injecting malicious code into a target host. This paper demonstrates the use of a wellknown technique, data tainting, to track data received from the network as it propagates through a system and to prevent its execution. Unlike past approaches to taint tracking, which track tainted data by running the system completely in an emulator or simulator, resulting in considerable execution overhead, our work demonstrates the ability to dynamically switch a running system between virtualized and emulated execution. Using this technique, we are able to explore hardware support for taint-based protection that is deployable in real-world situations, as emulation is only used when tainted data is being processed by the CPU. By modifying the CPU, memory, and I/O devices to support taint tracking and protection, we guarantee that data received from the network may not be executed, even if it is written to, and later read from disk. We demonstrate near native spee...
Real-time TrafficConsiderable Execution Overhead | EUROSYS 2006 | Little Taint Data | System Software | Taint Tracking |
Related Content
| Added | 10 Mar 2010 |
| Updated | 10 Mar 2010 |
| Type | Conference |
| Year | 2006 |
| Where | EUROSYS |
| Authors | Alex Ho, Michael A. Fetterman, Christopher Clark, Andrew Warfield, Steven Hand |
Comments (0)
Researcher Info
|
