Pointless Tainting? Evaluating the Practicality of Pointer Tainting

Download Now
Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
This paper evaluates pointer tainting, an incarnation of Dynamic Information Flow Tracking (DIFT), which has recently become an important technique in system security. Pointer tainting has been used for two main purposes: detection of privacy-breaching malware (e.g., Trojan key-loggers obtaining the characters typed by a user), and detection of memory corruption attacks against non-control data (e.g., a buffer overflow that modifies a user's privilege level). In both of these cases the attacker does not modify control data such as stored branch targets, so the control flow of the target program does not change.
Download Now

Find By Topic