New methods for the integrity of the data flow in operating systems and their applications
| dc.contributor.advisor | Bringas, Pablo García | |
| dc.contributor.advisor | Ugarte Pedrero, Xabier | |
| dc.contributor.author | Díez Franco, Irene | |
| dc.date.accessioned | 2026-02-20T09:13:19Z | |
| dc.date.available | 2026-02-20T09:13:19Z | |
| dc.date.issued | 2025-03-05 | |
| dc.description.abstract | Thanks to the widespread deployment of information security techniques that protect applications and operating systems against control flow hijacking attacks, malicious actors face increased difficulties to exploit computer systems. This, however, has a downside, attackers are becoming more imaginative and try to find new and increasingly complex vulnerability exploitation techniques. One of these new techniques is based on exploiting the non-control data of a program with malicious intent, and the unfortunate news is that neither operating systems nor their applications currently deploy any known defences against this kind of attacks. In this dissertation we propose a compiler-based optimised defence based on the data-flow integrity property that allows practitioners to compile applications with security mechanisms in order to provide defences against non-control-data attacks. This defence has been built on top of the GCC compiler, allowing a widespread adoption and usage by any C application that can be compiled with GCC. Our implementation is set apart from previous works in the granularity and precision of its static analysis, providing broader security guarantees. Moreover, we provide two novel optimisations that on one hand give full control to the users so that they can define which types of non-control-data they wish to protect in their applications, and on the other hand allow to reduce the amount of basic blocks that the GCC compiler needs to protect by 45.8% in average, whilst maintaining the security guarantees. | eng |
| dc.identifier.uri | https://hdl.handle.net/20.500.14454/5177 | |
| dc.language.iso | eng | |
| dc.publisher | Universidad de Deusto | |
| dc.subject | Matemáticas | |
| dc.subject | Ciencia de los ordenadores | |
| dc.subject | Inteligencia artificial | |
| dc.subject | Matemáticas | |
| dc.subject | Ciencia de los ordenadores | |
| dc.subject | Informática | |
| dc.title | New methods for the integrity of the data flow in operating systems and their applications | eng |
| dc.type | doctoral thesis |
Archivos
Bloque original
1 - 1 de 1
Cargando...
- Nombre:
- Díez_new methods_2025.pdf
- Tamaño:
- 598.19 KB
- Formato:
- Adobe Portable Document Format