Securing software by enforcing data-flow integrity

A somewhat older paper. DFI goes beyond detecting control flow attacks to also handle criticial variables being overwritten (look at the SSH exploit). This solution requires source code and recompilation, but despite some limitations it’s very impressive.

http://research.microsoft.com/~manuelc/MS/dfiOSDI.pdf

Like this:

Be the first to like this post.

This entry was posted on November 14, 2008 at 13:01 and is filed under Systems Security with tags compilers, Security. You can follow any responses to this entry through the RSS 2.0 feed You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply Cancel reply

Enter your comment here...

Please log in using one of these methods to post your comment:

Email (Not published)

Name

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Papers I have read and you should too.