KPDFI: Efficient data flow integrity based on key property against data corruption attack. Issue 128 (May 2023)
- Record Type:
- Journal Article
- Title:
- KPDFI: Efficient data flow integrity based on key property against data corruption attack. Issue 128 (May 2023)
- Main Title:
- KPDFI: Efficient data flow integrity based on key property against data corruption attack
- Authors:
- Nie, Xiaofan
Chen, Liwei
Wei, Haolai
Zhang, Yuantong
Cui, Ningning
Shi, Gang - Abstract:
- Abstract: Data corruption attack (DCA) poses a severe threat to computer systems, corrupting in-memory data to subvert the intended control/data flow and impose arbitrary behavior. Data-Flow Integrity (DFI) guarantees legal data memory write to prevent it. Unfortunately, DFIs for all data adopt imprecise analysis and generate frequent memory access. Although enforcing DFI for partial data implies fewer checks and less cost, it weakens security. Therefore, existing DFIs suffer from an unsolved paradox: protecting all data limits its performance, and protecting partial data degrades its security. This paper presents KPDFI, a DFI only for DCA-related data, to resolve this paradox. We first propose the Key Property (KP) based on the DCA and a KP-based data selection strategy to define the DCA-related data, called key_data . KPDFI ameliorates the redundancy of the key_data legal write sets with a more precise field-sensitive and context-sensitive pointer analysis and propagation analysis. Since DCA only makes the data flow of key_data abnormal, KPDFI requires code instrumentation of only a small portion of the program code for DFI checking. We implement a KPDFI enforcement framework based on LLVM. We conduct numerous assessments for KPDFI. The experimental results prove that KPDFI is a security-enhanced and lightweight approach that mitigates the widespread DCA with an acceptable performance overhead (9.53%).
- Is Part Of:
- Computers & security. Issue 128(2023)
- Journal:
- Computers & security
- Issue:
- Issue 128(2023)
- Issue Display:
- Volume 128, Issue 128 (2023)
- Year:
- 2023
- Volume:
- 128
- Issue:
- 128
- Issue Sort Value:
- 2023-0128-0128-0000
- Page Start:
- Page End:
- Publication Date:
- 2023-05
- Subjects:
- Data-Flow Integrity -- Data corruption attack -- Key Property -- Software security -- Runtime protection
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.cose.2023.103183 ↗
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 26894.xml