標題: Embedded TaintTracker: Lightweight Tracking of Taint Data against Buffer Overflow Attacks
作者: Lin, Ying-Dar
Wu, Fan-Cheng
Huang, Tze-Yau
Lai, Yuan-Cheng
Lin, Frank C.
資訊工程學系
Department of Computer Science
關鍵字: Software security;buffer overflow;taint tracking
公開日期: 2010
摘要: Taint tracking is a novel technique to prevent buffer overflow. Previous studies on taint tracking ran a victim's program on an emulator to dynamically instrument the code for tracking the propagation of taint data in memory and checking whether malicious code is executed. However, the critical problem of this approach is its heavy performance overhead. This paper proposes a new taint-style system called Embedded TaintTracker to eliminate the overhead in the emulator and dynamic instrumentation by compressing a checking mechanism into the operating system (OS) kernel and moving the instrumentation from runtime to compilation time. Results show that the proposed system outperforms the previous work, TaintCheck, by at least 8 times on throughput degradation, and is about 17.5 times faster than TaintCheck when browsing 1KB web pages.
URI: http://hdl.handle.net/11536/26142
ISBN: 978-1-4244-6404-3
ISSN: 1550-3607
期刊: 2010 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS
Appears in Collections:Conferences Paper