A memory access validation scheme against payload injection attacks

Dongkyun Ahn, Kyung Ho Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages107-126
Number of pages20
Volume7462 LNCS
DOIs
Publication statusPublished - 2012 Oct 30
Event15th International Symposium on Research in Attacks, Intrusions, and Defenses, RAID 2012 - Amsterdam, Netherlands
Duration: 2012 Sep 122012 Sep 14

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7462 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other15th International Symposium on Research in Attacks, Intrusions, and Defenses, RAID 2012
CountryNetherlands
CityAmsterdam
Period12/9/1212/9/14

Fingerprint

Injection
Attack
Data storage equipment
Memory Hierarchy
Unit
Flow Control
Granularity
Flow control
Cache
Simulator
Simulators
Query
Software
Line
Requirements
Experimental Results

Keywords

  • Code injection attack
  • Information flow tracking
  • Memory access validation
  • Return-oriented programming
  • Return-to-libc attack

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this

Ahn, D., & Lee, K. H. (2012). A memory access validation scheme against payload injection attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7462 LNCS, pp. 107-126). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7462 LNCS). https://doi.org/10.1007/978-3-642-33338-5_6

A memory access validation scheme against payload injection attacks. / Ahn, Dongkyun; Lee, Kyung Ho.

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7462 LNCS 2012. p. 107-126 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7462 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ahn, D & Lee, KH 2012, A memory access validation scheme against payload injection attacks. in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 7462 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7462 LNCS, pp. 107-126, 15th International Symposium on Research in Attacks, Intrusions, and Defenses, RAID 2012, Amsterdam, Netherlands, 12/9/12. https://doi.org/10.1007/978-3-642-33338-5_6
Ahn D, Lee KH. A memory access validation scheme against payload injection attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7462 LNCS. 2012. p. 107-126. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-642-33338-5_6
Ahn, Dongkyun ; Lee, Kyung Ho. / A memory access validation scheme against payload injection attacks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol. 7462 LNCS 2012. pp. 107-126 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{4ee38273e3d94553a52b6350e7f382bd,
title = "A memory access validation scheme against payload injection attacks",
abstract = "The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.",
keywords = "Code injection attack, Information flow tracking, Memory access validation, Return-oriented programming, Return-to-libc attack",
author = "Dongkyun Ahn and Lee, {Kyung Ho}",
year = "2012",
month = "10",
day = "30",
doi = "10.1007/978-3-642-33338-5_6",
language = "English",
isbn = "9783642333378",
volume = "7462 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "107--126",
booktitle = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

}

TY - GEN

T1 - A memory access validation scheme against payload injection attacks

AU - Ahn, Dongkyun

AU - Lee, Kyung Ho

PY - 2012/10/30

Y1 - 2012/10/30

N2 - The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.

AB - The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attacks. In spite of various features against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protections. This paper proposes a memory access validation scheme that manages information on spurious data at the granularity of cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect the synthesized payload injection attacks and to manage taint information with moderate memory overhead under acceptable performance impact.

KW - Code injection attack

KW - Information flow tracking

KW - Memory access validation

KW - Return-oriented programming

KW - Return-to-libc attack

UR - http://www.scopus.com/inward/record.url?scp=84867865856&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84867865856&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-33338-5_6

DO - 10.1007/978-3-642-33338-5_6

M3 - Conference contribution

AN - SCOPUS:84867865856

SN - 9783642333378

VL - 7462 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 107

EP - 126

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -