Optimized data-flow integrity for modern compilers
| dc.contributor.author | Díez Franco, Irene | |
| dc.contributor.author | Ugarte Pedrero, Xabier | |
| dc.contributor.author | García Bringas, Pablo | |
| dc.date.accessioned | 2025-03-05T07:57:33Z | |
| dc.date.available | 2025-03-05T07:57:33Z | |
| dc.date.issued | 2024 | |
| dc.date.updated | 2025-03-05T07:57:33Z | |
| dc.description.abstract | Non-control-data attacks are those attacks that purely target and modify the non-control data of a program, such as boolean values, user input or configuration parameters, and leave the control flow of a program untouched. These attacks were considered a niche due to the high difficulty in crafting attacks that do not modify the control flow. However, in recent years researchers have already demonstrated that non-control-data attacks can be automatically constructed and that they pose a significant threat because they can compromise critical and widely used software, such as web browsers and the Linux kernel. Moreover, they can also be used to disable or bypass state-of-the-art software security techniques, such as control-flow integrity. The most promising technique to protect against non-control-data attacks is data-flow integrity, however, modern compilers do not implement this protection yet. In this work we present an optimized data-flow integrity implementation for modern compilers that reduces the amount of basic blocks that need to be protected in an average of 45.8%, it also has broader security guarantees due to its more precise static analysis. Finally, we evaluate the completeness of our optimized data-flow integrity implementation. | en |
| dc.description.sponsorship | This work was supported in part by the Elkartek CERBERO Project of Basque Government under Grant KK-2024/00022. The work of Irene Díez-Franco was supported in part by the Pre-Doctoral Grant by the Basque Government | en |
| dc.identifier.citation | Díez-Franco, I., Ugarte-Pedrero, X., & García-Bringas, P. (2024). Optimized Data-Flow Integrity for Modern Compilers. IEEE Access, 12, 124171-124182. https://doi.org/10.1109/ACCESS.2024.3454551 | |
| dc.identifier.doi | 10.1109/ACCESS.2024.3454551 | |
| dc.identifier.eissn | 2169-3536 | |
| dc.identifier.uri | https://hdl.handle.net/20.500.14454/2452 | |
| dc.language.iso | eng | |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | |
| dc.rights | © 2024 The Authors | |
| dc.subject.other | Compilers | |
| dc.subject.other | Data-flow integrity | |
| dc.subject.other | Non-control-data attacks | |
| dc.subject.other | Program analysis | |
| dc.subject.other | Security vulnerabilities | |
| dc.subject.other | Systems security | |
| dc.title | Optimized data-flow integrity for modern compilers | en |
| dc.type | journal article | |
| dcterms.accessRights | open access | |
| oaire.citation.endPage | 124182 | |
| oaire.citation.startPage | 124171 | |
| oaire.citation.title | IEEE Access | |
| oaire.citation.volume | 12 | |
| oaire.licenseCondition | https://creativecommons.org/licenses/by/4.0/ | |
| oaire.version | VoR |
Archivos
Bloque original
1 - 1 de 1
Cargando...
- Nombre:
- diez_optimized_2024.pdf
- Tamaño:
- 743.59 KB
- Formato:
- Adobe Portable Document Format