DocumentCode :
3097183
Title :
FPValidator: Validating Type Equivalence of Function Pointers on the Fly
Author :
Wang, Hua ; Guo, Yao ; Chen, Xiangqun
Author_Institution :
Key Lab. of High Confidence Software Technol. (Minist. of Educ.), Peking Univ., Beijing, China
fYear :
2009
fDate :
7-11 Dec. 2009
Firstpage :
51
Lastpage :
59
Abstract :
Validating function pointers dynamically is very useful for intrusion detection since many runtime attacks exploit function pointer vulnerabilities. Most current solutions tackle this problem through checking whether function pointers target the addresses within the code segment or, more strictly, valid function entries. However, they cannot detect function entry attacks that manipulate function pointers to target valid function entries but invoke them maliciously. This paper proposes FPValidator, a new solution capable of dynamically validating the type equivalence between function pointers and target functions, which can detect all function entry attacks that violate type equivalence. An effective and efficient type matching approach based on labeled type signature is proposed to perform fast type equivalence checking. The validation code and necessary type information are inserted by a compilation-stage instrumentation mechanism, bringing no extra burden to developers. We integrate FPValidator into GCC and evaluation shows that its performance overhead is only about 2%.
Keywords :
security of data; FPValidator; code segment; compilation-stage instrumentation mechanism; function pointer vulnerabilities; intrusion detection; type equivalence checking; type matching; validating function pointers; validating type equivalence; validation code; Application software; Buffer overflow; Computer science education; Computer security; Educational technology; Instruments; Intrusion detection; Laboratories; Runtime; control flow integrity; function pointer; instrumentation; type signature;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 2009. ACSAC '09. Annual
Conference_Location :
Honolulu, HI
ISSN :
1063-9527
Print_ISBN :
978-0-7695-3919-5
Type :
conf
DOI :
10.1109/ACSAC.2009.15
Filename :
5380518
Link To Document :
بازگشت