Bilbao, España
Security researchers have been focusing on developing mitigation and protection mechanisms against code-injection and code-reuse attacks. Modern defences focus on protecting the legitimate control-flowof a program, nevertheless they cannot withstand a more subtle type of attack, non-control-data attacks, since they follow the legitimate control flow, and thus leave no trace. Data-Flow Integrity(DFI) is a defence mechanism which aims to protect programs against non-control-data attacks. DFI uses static analysis to compute the data-flow graph of a program, and then, enforce at runtime that the data-flow of the program follows the legitimate path; otherwise the execution is aborted.In this paper, we review the state of the techniques to generate non-control-data attacks and present the state of DFI methods.
© 2001-2024 Fundación Dialnet · Todos los derechos reservados