Abstract | ||
---|---|---|
Programs written in languages allowing direct access to memory through pointers often contain memory-related faults, which cause nondeterministic failures and security vulnerabilities. We present a new dynamic tainting technique to detect illegal memory accesses. When memory is allocated, at runtime, we taint both the memory and the corresponding pointer using the same taint mark. Taint marks are then propagated and checked every time a memory address m is accessed through a pointer p; if the associated taint marks differ, an illegal access is reported. To allow always-on checking using a low overhead, hardware-assisted implementation, we make several key technical decisions. We use a configurable, low number of reusable taint marks instead of a unique mark for each allocated area of memory, reducing the performance overhead without losing the ability to target most memory-related faults. We also define the technique at the binary level, which helps handle applications using third-party libraries whose source code is unavailable. We created a software-only prototype of our technique and simulated a hardware-assisted implementation. Our results show that 1) it identifies a large class of memory-related faults, even when using only two unique taint marks, and 2) a hardware-assisted implementation can achieve performance overheads in single-digit percentages. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/TC.2010.215 | Computers, IEEE Transactions |
Keywords | Field | DocType |
efficient memory protection,new dynamic tainting technique,associated taint mark,hardware-assisted implementation,reusable taint mark,taint mark,memory address m,unique taint mark,dynamic tainting,illegal memory access,performance overhead,memory-related fault,computational modeling,prototypes,computer model,processor architecture,hardware,source code,resource management,resource manager,software fault tolerance | Memory protection,Pointer (computer programming),Source code,Computer science,Real-time computing,Software,Taint checking,Memory address,Nondeterministic algorithm,Parallel computing,Software fault tolerance,Operating system,Embedded system | Journal |
Volume | Issue | ISSN |
61 | 1 | 0018-9340 |
Citations | PageRank | References |
6 | 0.41 | 20 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ioannis Doudalis | 1 | 123 | 4.56 |
James A. Clause | 2 | 665 | 27.36 |
Guru Venkataramani | 3 | 394 | 29.49 |
Milos Prvulovic | 4 | 926 | 54.94 |
Alessandro Orso | 5 | 3550 | 172.85 |