Visible to the public Hardware-Based Adversary-Controlled States Tracking

TitleHardware-Based Adversary-Controlled States Tracking
Publication TypeConference Paper
Year of Publication2018
AuthorsLi, W., Ma, Y., Yang, Q., Li, M.
Conference Name2018 IEEE 4th International Conference on Computer and Communications (ICCC)
ISBN Number978-1-5386-8339-2
Keywordsclassic dynamic taint analysis method, code-reuse attack, composability, control flow, dynimic taint analysis, Hardware, Hardware-based Adversary-controlled States, HAST, Human Behavior, Linux, Linux applications, memory data, memory vulnerabilities, Pipelines, program diagnostics, Programming, pubcrawl, Registers, Resiliency, return oriented programming, rop attacks, Scalability, security of data, Software, software security challenges, target tracking

Return Oriented Programming is one of the most important software security challenges nowadays. It exploits memory vulnerabilities to control the state of the program and hijacks its control flow. Existing defenses usually focus on how to protect the control flow or face the challenge of how to maintain the taint markings for memory data. In this paper, we directly focus on the adversary-controlled states, simplify the classic dynamic taint analysis method to only track registers and propose Hardware-based Adversary-controlled States Tracking (HAST). HAST dynamically tracks registers that may be controlled by the adversary to detect ROP attack. It is transparent to user application and makes few modifications to existing hardware. Our evaluation demonstrates that HAST will introduce almost no performance overhead and can effectively detect ROP attacks without false positives on the tested common Linux applications.

Citation Keyli_hardware-based_2018