Security researchers have been focusing on developing mitigation and protection mechanisms against code-injection and code-reuse attacks. Modern defences focus on protecting the legitimate control-flow of a program, nevertheless they cannot withstand a more subtle type of attack, non-control-data attacks, since they follow the legitimate control flow, and thus leave no trace. Data-Flow Integrity (DFI) is a defence mechanism which aims to protect programs against non-control-data attacks. DFI uses static analysis to compute the data-flow graph of a program, and then, enforce at runtime that the data-flow of the program follows the legitimate path; otherwise the execution is aborted. In this paper, we review the state of the techniques to generate noncontrol- data attacks and present the state of DFI methods.
CITATION STYLE
Díez-Franco, I., & Santos, I. (2017). Data is flowing in the wind: A review of data-flow integrity methods to overcome non-control-data attacks. In Advances in Intelligent Systems and Computing (Vol. 527, pp. 536–544). Springer Verlag. https://doi.org/10.1007/978-3-319-47364-2_52
Mendeley helps you to discover research relevant for your work.