Exploitation Techniques for Data-oriented Attacks with Existing and Potential Defense Approaches-Reference-Cited by-同舟云学术

Exploitation Techniques for Data-oriented Attacks with Existing and Potential Defense Approaches

Published:2021-11-30 Issue:4 Volume:24 Page:1-36
ISSN:2471-2566
Container-title:ACM Transactions on Privacy and Security
language:en
Short-container-title:ACM Trans. Priv. Secur.

Author:

Cheng Long¹,Ahmed Salman²,Liljestrand Hans³,Nyman Thomas⁴,Cai Haipeng⁵,Jaeger Trent⁶,Asokan N.³,Yao Danfeng (Daphne)²

Affiliation:

1. School of Computing, Clemson University, USA

2. Department of Computer Science, Virginia Tech, USA

3. David R. Cheriton School of Computer Science, University of Waterloo, Canada

4. Department of Computer Science, Aalto University, Finland

5. School of Electrical Engineering and Computer Science, Washington State University, USA

6. Department of Computer Science and Engineering, Pennsylvania State University, USA

Abstract

Data-oriented attacks manipulate non-control data to alter a program’s benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow defense mechanisms. However, these threats have not been adequately addressed. In this survey article, we first map data-oriented exploits, including Data-Oriented Programming (DOP) and Block-Oriented Programming (BOP) attacks, to their assumptions/requirements and attack capabilities. Then, we compare known defenses against these attacks, in terms of approach, detection capabilities, overhead, and compatibility. It is generally believed that control flows may not be useful for data-oriented security. However, data-oriented attacks (especially DOP attacks) may generate side effects on control-flow behaviors in multiple dimensions (i.e., incompatible branch behaviors and frequency anomalies). We also characterize control-flow anomalies caused by data-oriented attacks. In the end, we discuss challenges for building deployable data-oriented defenses and open research questions.

Funder

National Science Foundation

Publisher

Association for Computing Machinery (ACM)

Subject

Safety, Risk, Reliability and Quality,General Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3462699

Reference125 articles.

1. Control-flow integrity principles, implementations, and applications

2. C-FLAT

3. Methodologies for Quantifying (Re-)randomization Security and Timing under JIT-ROP

4. Preventing Memory Error Exploits with WIT

5. Starr Andersen and Vincent Abella. 2004. Data Execution Prevention. Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 3: Memory Protection Technologies. Starr Andersen and Vincent Abella. 2004. Data Execution Prevention. Changes to Functionality in Microsoft Windows XP Service Pack 2 Part 3: Memory Protection Technologies.

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Interp-flow Hijacking: Launching Non-control Data Attack via Hijacking eBPF Interpretation Flow;Lecture Notes in Computer Science;2024

2. DSLR–: A low-overhead data structure layout randomization for defending data-oriented programming;Journal of Computer Security;2023-11-24

3. Cryptographically Enforced Memory Safety;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15

4. Assessing the Impact of Efficiently Protecting Ten Million Stack Objects from Memory Errors Comprehensively;2023 IEEE Secure Development Conference (SecDev);2023-10-18

5. SecDINT: Preventing Data-oriented Attacks via Intel SGX Escorted Data Integrity;2023 IEEE Conference on Communications and Network Security (CNS);2023-10-02