ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Secure program execution via dynamic information flow tracking
Full text PdfPdf (263 KB)
Source Architectural Support for Programming Languages and Operating Systems archive
Proceedings of the 11th international conference on Architectural support for programming languages and operating systems table of contents
Boston, MA, USA
SESSION: Security table of contents
Pages: 85 - 96  
Year of Publication: 2004
ISBN:1-58113-804-0
Also published in ...
Authors
G. Edward Suh  Massachusetts Institute of Technology, Cambridge, MA
Jae W. Lee  Massachusetts Institute of Technology, Cambridge, MA
David Zhang  Massachusetts Institute of Technology, Cambridge, MA
Srinivas Devadas  Massachusetts Institute of Technology, Cambridge, MA
Sponsors
SIGPLAN: ACM Special Interest Group on Programming Languages
SIGOPS: ACM Special Interest Group on Operating Systems
SIGARCH: ACM Special Interest Group on Computer Architecture
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 24,   Downloads (12 Months): 225,   Citation Count: 65
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1024393.1024404
What is a DOI?

ABSTRACT

We present a simple architectural mechanism called dynamic information flow tracking that can significantly improve the security of computing systems with negligible performance overhead. Dynamic information flow tracking protects programs against malicious software attacks by identifying spurious information flows from untrusted I/O and restricting the usage of the spurious information.Every security attack to take control of a program needs to transfer the program's control to malevolent code. In our approach, the operating system identifies a set of input channels as spurious, and the processor tracks all information flows from those inputs. A broad range of attacks are effectively defeated by checking the use of the spurious values as instructions and pointers.Our protection is transparent to users or application programmers; the executables can be used without any modification. Also, our scheme only incurs, on average, a memory overhead of 1.4% and a performance overhead of 1.1%.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
A. Baratloo, T. Tsai, and N. Singh. Transparent run-time defense against stack smashing attacks. In Proceedings of the USENIX Annual Technical Conference, 2000.
 
2
D. Burger and T. M. Austin. The SimpleScalar Tool Set, Version 2.0. Technical report, University of Wisconsin-Madison Computer Science Department, 1997.
 
3
C. Cowan, M. Barringer, S. Beattie, and G. Kroah-Hartman. FormatGuard: Automatic protection from printf format string vulnerabilities, 2001. In 10th USENIX Security Symposium, Washington, D.C., August 2001.
 
4
C. Cowan, S. Beattie, J. Johansen, and P. Wagle. PointGuard: Protecting pointers from buffer overflow vulnerabilities. In Proceedings of the 12th USENIX Security Symposium, 2003.
 
5
C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. 7th USENIX Security Symposium, pages 63--78, San Antonio, Texas, Jan. 1998.
 
6
S. Designer. Non-executable user stack. http://www.openwall.com/linux/.
7
Vinod Ganapathy , Somesh Jha , David Chandler , David Melski , David Vitek, Buffer overrun detection using linear programming and static analysis, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA  [doi>10.1145/948109.948155]
 
8
John L. Henning, SPEC CPU2000: Measuring CPU Performance in the New Millennium, Computer, v.33 n.7, p.28-35, July 2000  [doi>10.1109/2.869367]
 
9
Trevor Jim , J. Greg Morrisett , Dan Grossman , Michael W. Hicks , James Cheney , Yanling Wang, Cyclone: A Safe Dialect of C, Proceedings of the General Track: 2002 USENIX Annual Technical Conference, p.275-288, June 10-15, 2002
 
10
R. Jones and P. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proceedings of the 3rd International Workshop on Automatic Debugging, 1997.
 
11
Vladimir Kiriansky , Derek Bruening , Saman P. Amarasinghe, Secure Execution via Program Shepherding, Proceedings of the 11th USENIX Security Symposium, p.191-206, August 05-09, 2002
 
12
K. Lawton, B. Denney, N. D. Guarneri, V. Ruppert, and C. Bothamy. Bochs user manual. http://bochs.sourceforge.net/.
 
13
R. B. Lee, D. K. Karig, J. P. McGregor, and Z. Shi. Enlisting hardware architecture to thwart malicious code injection. In Proceedings of the 2003 International Conference on Security in Pervasive Computing, 2003.
14
George C. Necula , Scott McPeak , Westley Weimer, CCured: type-safe retrofitting of legacy code, Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.128-139, January 16-18, 2002, Portland, Oregon
 
15
T. Newsham. Format string attacks. Guardent, Inc., September 2000. http://www.securityfocus.com/guest/3342.
 
16
A. One. Smashing the stack for fun and profit. Phrack, 7(49), Nov. 1996.
 
17
PaX Team. Non executable data pages. http://pageexec.virtualave.net/pageexec.txt.
 
18
O. Ruwase and M. S. Lam. A practical dynamic buffer overflow detector. In Proceedings of the 11th Annual Network and Distributed System Security Symposium, 2004.
19
Harry J. Saal , Israel Gat, A hardware architecture for controlling information flow, Proceedings of the 5th annual symposium on Computer architecture, p.73-77, April 03-05, 1978  [doi>10.1145/800094.803030]
 
20
Scut. Exploiting format string vulnerabilities. TESO Security Group, September 2001. http://www.team-teso.net/articles/formatstring.
 
21
U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Automated detection of format-string vulnerabilities using type qualifiers. In Proceedings of the 10th USENIX Security Symposium, 2001.
 
22
P. Shivakumar and N. J. Jouppi. CACTI 3.0: An integrated cache timing, power, and area model. Technical report, WRL Research Report, Feb. 2001.
 
23
Vendicator. Stackshield: A "stack smashing" technique protection tool for linux. http://www.angelfire.com/sk/stackshield/.
 
24
J. Wilander and M. Kamkar. A comparison of publicly available tools for dynamic buffer overflow prevention. In Proceedings of the 10th Annual Network and Distributed System Security Symposium, 2003.
25
Emmett Witchel , Josh Cates , Krste Asanović, Mondrian memory protection, Proceedings of the 10th international conference on Architectural support for programming languages and operating systems, October 05-09, 2002, San Jose, California
 
26
J. Xu, Z. Kalbarczjk, S. Patel, and R. K. Iyer. Architecture support for defending against buffer overflow attacks. In Proceedings of the 2nd Workshop on Evaluating and Architecting System dependability (EASY), 2002.

CITED BY  65
Mazen Kharbutli , Xiaowei Jiang , Yan Solihin , Guru Venkataramani , Milos Prvulovic, Comprehensively and efficiently protecting the heap, ACM SIGPLAN Notices, v.41 n.11, November 2006
Jedidiah R. Crandall , Frederic T. Chong, A security assessment of the minos architecture, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Milena Milenković , Aleksandar Milenković , Emil Jovanov, Using instruction block signatures to counter code injection attacks, ACM SIGARCH Computer Architecture News, v.33 n.1, March 2005
Manuel Costa , Jon Crowcroft , Miguel Castro , Antony Rowstron , Lidong Zhou , Lintao Zhang , Paul Barham, Vigilante: end-to-end containment of internet worms, ACM SIGOPS Operating Systems Review, v.39 n.5, December 2005
Tao Zhang , Xiaotong Zhuang , Santosh Pande , Wenke Lee, Anomalous path detection with hardware support, Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems, September 24-27, 2005, San Francisco, California, USA
Divya Arora , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha, Enhancing security through hardware-assisted run-time validation of program data properties, Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, September 19-21, 2005, Jersey City, NJ, USA
Martín Abadi , Mihai Budiu , Úlfar Erlingsson , Jay Ligatti, Control-flow integrity, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Milena Milenković , Aleksandar Milenković , Emil Jovanov, Hardware support for code integrity in embedded processors, Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems, September 24-27, 2005, San Francisco, California, USA
Micha Moffie , David Kaeli, ASM: application security monitor, ACM SIGARCH Computer Architecture News, v.33 n.5, December 2005
Michael E. Locasto , Angelos Stavrou , Gabriela F. Cretu , Angelos D. Keromytis, From STEM to SEAD: speculative execution for automated defense, 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference, p.1-14, June 17-22, 2007, Santa Clara, CA
Christof Fetzer , Martin Süßkraut, Switchblade: enforcing dynamic personalized system call models, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
Jedidiah R. Crandall , Frederic T. Chong, Minos: Control Data Attack Prevention Orthogonal to Memory Model, Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture, p.221-232, December 04-08, 2004, Portland, Oregon
Jedidiah R. Crandall , S. Felix Wu , Frederic T. Chong, Minos: Architectural support for protecting control data, ACM Transactions on Architecture and Code Optimization (TACO), v.3 n.4, p.359-389, December 2006
Shashidhar Mysore , Banit Agrawal , Navin Srivastava , Sheng-Chih Lin , Kaustav Banerjee , Tim Sherwood, Introspective 3D chips, ACM SIGOPS Operating Systems Review, v.40 n.5, December 2006
Xuxian Jiang , Dongyan Xu, Profiling self-propagating worms via behavioral footprinting, Proceedings of the 4th ACM workshop on Recurring malcode, November 03-03, 2006, Alexandria, Virginia, USA
Michael E. Locasto , Stelios Sidiroglou , Angelos D. Keromytis, Speculative virtual verification: policy-constrained speculative execution, Proceedings of the 2005 workshop on New security paradigms, September 20-23, 2005, Lake Arrowhead, California
Mihai Budiu , Úlfar Erlingsson , Martín Abadi, Architectural support for software-based protection, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, p.42-51, October 21-21, 2006, San Jose, California
Jingfei Kong , Cliff C. Zou , Huiyang Zhou, Improving software security via runtime instruction-level taint checking, Proceedings of the 1st workshop on Architectural and system support for improving software dependability, p.18-24, October 21-21, 2006, San Jose, California
Alex Ho , Michael Fetterman , Christopher Clark , Andrew Warfield , Steven Hand, Practical taint-based protection using demand emulation, ACM SIGOPS Operating Systems Review, v.40 n.4, October 2006
Shuo Chen , Jun Xu , Emre C. Sezer , Prachi Gauriar , Ravishankar K. Iyer, Non-control-data attacks are realistic threats, Proceedings of the 14th conference on USENIX Security Symposium, p.12-12, July 31-August 05, 2005, Baltimore, MD
James Newsome , Stephen McCamant , Dawn Song, Measuring channel capacity to distinguish undue influence, Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, June 15-21, 2009, Dublin, Ireland
Michael Dalton , Hari Kannan , Christos Kozyrakis, Raksha: a flexible information flow architecture for software security, ACM SIGARCH Computer Architecture News, v.35 n.2, May 2007
Avik Chaudhuri , Prasad Naldurg , Sriram Rajamani, A type system for data-flow integrity on windows vista, Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security, June 07-13, 2008, Tucson, AZ, USA
James Clause , Wanchun Li , Alessandro Orso, Dytan: a generic dynamic taint analysis framework, Proceedings of the 2007 international symposium on Software testing and analysis, July 09-12, 2007, London, United Kingdom
Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Architectural support for run-time validation of program data properties, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.15 n.5, p.546-559, May 2007
Radim Ballner , Pavel Tvrdik, MOOSS2: a CPU with support for HLL memory structures, Proceedings of the third conference on IASTED International Conference: Advances in Computer Science and Technology, p.7-16, April 02-04, 2007, Phuket, Thailand
Krerk Piromsopa , Richard J. Enbody, Architecting security: a secure implementation of hardware buffer-overflow protection, Proceedings of the third conference on IASTED International Conference: Advances in Computer Science and Technology, p.17-22, April 02-04, 2007, Phuket, Thailand
Weidong Shi , Hsien-Hsin S. Lee , Laura `Falk , Mrinmoy Ghosh, An Integrated Framework for Dependable and Revivable Architectures Using Multicore Processors, ACM SIGARCH Computer Architecture News, v.34 n.2, p.102-113, May 2006
Xiaotong Zhuang , Tao Zhang , Santosh Pande, Using Branch Correlation to Identify Infeasible Paths for Anomaly Detection, Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, p.113-122, December 09-13, 2006
Feng Qin , Cheng Wang , Zhenmin Li , Ho-seop Kim , Yuanyuan Zhou , Youfeng Wu, LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks, Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture, p.135-148, December 09-13, 2006
Prateek Saxena , R Sekar , Varun Puranik, Efficient fine-grained binary instrumentationwith applications to taint-tracking, Proceedings of the sixth annual IEEE/ACM international symposium on Code generation and optimization, April 05-09, 2008, Boston, MA, USA
Shvetank Jain , Fareha Shafique , Vladan Djeric , Ashvin Goel, Application-level isolation and recovery with solitude, ACM SIGOPS Operating Systems Review, v.42 n.4, May 2008
Vijay Nagarajan , Rajiv Gupta, Support for symmetric shadow memory in multiprocessors, Proceedings of the 6th workshop on Parallel and distributed systems: testing, analysis, and debugging, p.1-9, July 20-21, 2008, Seattle, Washington
Susanta Nanda , Lap-Chung Lam , Tzi-cker Chiueh, Dynamic multi-process information flow tracking for web application security, Proceedings of the 8th ACM/IFIP/USENIX international conference on Middleware, November 26-30, 2007, Newport Beach, California
Juan Caballero , Heng Yin , Zhenkai Liang , Dawn Song, Polyglot: automatic extraction of protocol message format using dynamic binary analysis, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Olatunji Ruwase , Phillip B. Gibbons , Todd C. Mowry , Vijaya Ramachandran , Shimin Chen , Michael Kozuch , Michael Ryan, Parallelizing dynamic information flow tracking, Proceedings of the twentieth annual symposium on Parallelism in algorithms and architectures, June 14-16, 2008, Munich, Germany
Paritosh Shroff , Scott F. Smith , Mark Thober, Securing information flow via dynamic capture of dependencies, Journal of Computer Security, v.16 n.5, p.637-688, November 2008
Stephen McCamant , Michael D. Ernst, Quantitative information flow as network flow capacity, ACM SIGPLAN Notices, v.43 n.6, June 2008
Miguel Castro , Manuel Costa , Tim Harris, Securing software by enforcing data-flow integrity, Proceedings of the 7th symposium on Operating systems design and implementation, November 06-08, 2006, Seattle, Washington
Shufu Mao , Tilman Wolf, Hardware support for secure processing in embedded systems, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
Heng Yin , Dawn Song , Manuel Egele , Christopher Kruegel , Engin Kirda, Panorama: capturing system-wide information flow for malware detection and analysis, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Shashidhar Mysore , Bita Mazloom , Banit Agrawal , Timothy Sherwood, Understanding and visualizing full systems with data flow tomography, ACM SIGARCH Computer Architecture News, v.36 n.1, March 2008
Aleksandar Milenkovic , Milena Milenkovic , Emil Jovanov, An efficient runtime instruction block verification for secure embedded systems, Journal of Embedded Computing, v.2 n.1, p.57-76, January 2006
Weidong Cui , Marcus Peinado , Karl Chen , Helen J. Wang , Luis Irun-Briz, Tupni: automatic reverse engineering of input formats, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Shimin Chen , Michael Kozuch , Theodoros Strigkos , Babak Falsafi , Phillip B. Gibbons , Todd C. Mowry , Vijaya Ramachandran , Olatunji Ruwase , Michael Ryan , Evangelos Vlachos, Flexible Hardware Acceleration for Instruction-Grain Program Monitoring, ACM SIGARCH Computer Architecture News, v.36 n.3, p.377-388, June 2008
Haibo Chen , Xi Wu , Liwei Yuan , Binyu Zang , Pen-chung Yew , Frederic T. Chong, From Speculation to Security: Practical and Efficient Information Flow Tracking Using Speculative Hardware, ACM SIGARCH Computer Architecture News, v.36 n.3, p.401-412, June 2008
Walter Chang , Brandon Streiff , Calvin Lin, Efficient and extensible security enforcement using dynamic data flow analysis, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Wes Masri , Andy Podgurski, Algorithms and tool support for dynamic information flow analysis, Information and Software Technology, v.51 n.2, p.385-404, February, 2009
Shashidhar Mysore , Banit Agrawal , Navin Srivastava , Sheng-Chih Lin , Kaustav Banerjee , Timothy Sherwood, 3D Integration for Introspection, IEEE Micro, v.27 n.1, p.77-83, January 2007
Brian L. Sharp , Gregory D. Peterson , Lok Kwong Yan, Extending hardware based mandatory access controls for memory to multicore architectures, Proceedings of the 4th annual workshop on Cyber security and informaiton intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, May 12-14, 2008, Oak Ridge, Tennessee
Vijay Nagarajan , Rajiv Gupta, Architectural support for shadow memory in multiprocessors, Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, March 11-13, 2009, Washington, DC, USA
Avik Chaudhuri , Prasad Naldurg , Sriram Rajamani, A type system for data-flow integrity on Windows Vista, ACM SIGPLAN Notices, v.43 n.12, December 2008
Manuel Costa , Jon Crowcroft , Miguel Castro , Antony Rowstron , Lidong Zhou , Lintao Zhang , Paul Barham, Vigilante: End-to-end containment of Internet worm epidemics, ACM Transactions on Computer Systems (TOCS), v.26 n.4, p.1-68, December 2008
Xiaofeng Wang , Zhuowei Li , Jong Youl Choi , Jun Xu , Michael K. Reiter , Chongkyung Kil, Fast and Black-box Exploit Detection and Signature Generation for Commodity Software, ACM Transactions on Information and System Security (TISSEC), v.12 n.2, p.1-35, December 2008
Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Hardware-assisted run-time monitoring for secure program execution on embedded processors, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.14 n.12, p.1295-1308, December 2006
Mohit Tiwari , Banit Agrawal , Shashidhar Mysore , Jonathan Valamehr , Timothy Sherwood, A small cache of large ranges: Hardware methods for efficiently searching, storing, and updating big dataflow tags, Proceedings of the 2008 41st IEEE/ACM International Symposium on Microarchitecture, p.94-105, November 08-12, 2008
Joseph L. Greathouse , Ilya Wagner , David A. Ramos , Gautam Bhatnagar , Todd Austin , Valeria Bertacco , Seth Pettie, Testudo: Heavyweight security analysis via statistical sampling, Proceedings of the 2008 41st IEEE/ACM International Symposium on Microarchitecture, p.117-128, November 08-12, 2008
Mohit Tiwari , Hassan M.G. Wassel , Bita Mazloom , Shashidhar Mysore , Frederic T. Chong , Timothy Sherwood, Complete information flow tracking from the gates up, ACM SIGPLAN Notices, v.44 n.3, March 2009
Martin Dimitrov , Huiyang Zhou, Anomaly-based bug prediction, isolation, and validation: an automated approach for software debugging, ACM SIGPLAN Notices, v.44 n.3, March 2009
Ravi Chugh , Jeffrey A. Meister , Ranjit Jhala , Sorin Lerner, Staged information flow for javascript, ACM SIGPLAN Notices, v.44 n.6, June 2009
Vijay Nagarajan , Rajiv Gupta, Runtime monitoring on multicores via OASES, ACM SIGOPS Operating Systems Review, v.43 n.2, April 2009
Vijay Nagarajan , Dennis Jeffrey , Rajiv Gupta, Self-recovery in server programs, Proceedings of the 2009 international symposium on Memory management, June 19-20, 2009, Dublin, Ireland
Sanjay Rawat , Ashutosh Saxena, Application security code analysis: a step towards software assurance, International Journal of Information and Computer Security, v.3 n.1, p.86-110, June 2009
Vijay Nagarajan , Rajiv Gupta, ECMon: exposing cache events for monitoring, ACM SIGARCH Computer Architecture News, v.37 n.3, June 2009
Guru Venkataramani , Ioannis Doudalis , Yan Solihin , Milos Prvulovic, MemTracker: An accelerator for memory debugging and monitoring, ACM Transactions on Architecture and Code Optimization (TACO), v.6 n.2, p.1-33, June 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.1 PROCESSOR ARCHITECTURES
      C.1.m Miscellaneous

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection


General Terms:
Design, Performance, Security


Keywords:
buffer overflow, format string, hardware tagging

Collaborative Colleagues:
G. Edward Suh: colleagues
Jae W. Lee: colleagues
David Zhang: colleagues
Srinivas Devadas: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player