Principles of Data Flow Integrity: Specification and Enforcement

被引:0
|
作者
Ramezanifarkhani, Toktam [1 ]
Razzazi, Mohammadreza [1 ]
机构
[1] Amirkabir Univ Technol, Dept Comp Engn & IT, Tehran 158754413, Iran
来源
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING | 2015年 / 31卷 / 02期
关键词
data flow analysis; data flow integrity; reference monitor; security policy; dynamic enforcement;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Subverting runtime data flow is common in many current software attacks. Data Flow Integrity (DFI) is a policy whose satisfaction can prevent such attacks. This paper develops a formal foundation on DFI specification, and characteristics of its enforcement techniques with formulations of hypotheses and guarantees. Enforcement techniques are based on static analysis and program monitoring at runtime. This foundation can be used for practical satisfaction of DFI and help establish guarantees in every applied platform.
引用
收藏
页码:529 / 546
页数:18
相关论文
共 50 条
  • [31] Legal Principles in Antitrust Enforcement
    Houba, Harold
    Motchenkova, Evgenia
    Wen, Quan
    [J]. SCANDINAVIAN JOURNAL OF ECONOMICS, 2018, 120 (03): : 859 - 893
  • [32] Principles of Law: Problems of Enforcement
    Velichinskaya, Yuliya N.
    [J]. PRAVO-ZHURNAL VYSSHEI SHKOLY EKONOMIKI, 2022, (01): : 180 - 207
  • [33] An architecture for specification-based detection of semantic integrity violations in kernel dynamic data
    Petroni, Nick L., Jr.
    Fraser, Timothy
    Walters, Aaron
    Arbaugh, William A.
    [J]. USENIX ASSOCIATION PROCEEDINGS OF THE 15TH USENIX SECURITY SYMPOSIUM, 2006, : 289 - 304
  • [34] PCFIRE: Towards Provable Preventative Control-Flow Integrity Enforcement for Realistic Embedded Software
    Tan, Jiaqi
    Tay, Hui Jun
    Drolia, Utsav
    Gandhi, Rajeev
    Narasimhan, Priya
    [J]. 2016 PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE (EMSOFT), 2016,
  • [35] ACE-M: Automated Control Flow Integrity Enforcement Based on MPUs at the Function Level
    Lee, Sungbin
    Cho, Jeonghun
    [J]. ELECTRONICS, 2022, 11 (06)
  • [36] Hacking and Artificial Intelligence in Radiology: Basic Principles of Data Integrity and Security
    Ritenour, E. Russell
    [J]. CONTEMPORARY DIAGNOSTIC RADIOLOGY, 2023, 46 (05) : 1 - 7
  • [37] SEMANTICALLY EXTENDED DATA FLOW DIAGRAMS - A FORMAL SPECIFICATION TOOL
    FRANCE, RB
    [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1992, 18 (04) : 329 - 346
  • [38] Optimized Data-Flow Integrity for Modern Compilers
    Diez-Franco, Irene
    Ugarte-Pedrero, Xabier
    Garcia-Bringas, Pablo
    [J]. IEEE ACCESS, 2024, 12 : 124171 - 124182
  • [39] Securing software by enforcing data-flow integrity
    Castro, Miguel
    Costa, Manuel
    Harris, Tim
    [J]. Usenix Association 7th Usenix Symposium on Operating Systems Design and Implementation, 2006, : 147 - 160
  • [40] Enforcing Kernel Security Invariants with Data Flow Integrity
    Song, Chengyu
    Lee, Byoungyoung
    Lu, Kangjie
    Harris, William
    Kim, Taesoo
    Lee, Wenke
    [J]. 23RD ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2016), 2016,
12345