A Memory-Access Validation Scheme against Payload Injection Attacks
- Authors
- Ahn, Dongkyun; Lee, Gyungho
- Issue Date
- 7월-2015
- Publisher
- IEEE COMPUTER SOC
- Keywords
- Virtual memory; security
- Citation
- IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, v.12, no.4, pp.387 - 399
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
- Volume
- 12
- Number
- 4
- Start Page
- 387
- End Page
- 399
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/93169
- DOI
- 10.1109/TDSC.2014.2355844
- ISSN
- 1545-5971
- Abstract
- The authenticity of a piece of data or an instruction is crucial in mitigating threats from various forms of software attack. In spite of the various forms of protection against malicious attacks exploiting spurious data, adversaries have been successful in circumventing such protection. This paper proposes a memory-access validation scheme that manages information on spurious data at the granularity of the cache line size. A validation unit based on the proposed scheme answers queries from other components in the processor so that spurious data can be blocked before control flow diversion. We describe the design of this validation unit as well as its integration into the memory hierarchy of a modern processor and assess its memory requirement and performance impact with two simulators. The experimental results show that our scheme is able to detect synthesized payload injection attacks and to manage taint information with a moderate memory overhead under an acceptable performance impact.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - College of Informatics > Department of Computer Science and Engineering > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.