Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ASPLOS
2006
ACM
2006
ACM
Improving software security via runtime instruction-level taint checking
Current taint checking architectures monitor tainted data usage mainly with control transfer instructions. An alarm is raised once the program counter becomes tainted. However, such architectures are not effective against non-control data attacks. In this paper we present a generic instructionlevel runtime taint checking architecture for handling noncontrol data attacks. Under our architecture, instructions are classified as either Taintless-Instructions or TaintedInstructions prior to program execution. An instruction is called a Tainted-Instruction if it is supposed to deal with tainted data. Otherwise it is called a Taintless-Instruction. A security alert is raised whenever a Taintless-Instruction encounters tainted data at runtime. The proposed architecture is implemented on the SimpleScalar simulator. The preliminary results from experiments on SPEC CPU 2000 benchmarks show that there are a significant amount of Taintless-Instructions. We also demonstrate effective usages of ...
Real-time TrafficASPLOS 2006 | Data Attacks | Monitor Tainted Data | Programming Languages | Taint Checking Architecture |
| Added | 13 Jun 2010 |
| Updated | 13 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ASPLOS |
| Authors | Jingfei Kong, Cliff Changchun Zou, Huiyang Zhou |
Comments (0)
Researcher Info
|
