Securing software by enforcing data-flow integrity

Software attacks often subvert the intended data-flow in a vulnerable program. For example, attackers exploit buffer overflows and format string vulnerabilities to write data to unintended locations. We present a simple technique that prevents these attacks by enforcing data-flow integrity. It computes a data-flow graph using static analysis, and it instruments the program to ensure that the flow of data at runtime is allowed by the data-flow graph. We describe an efficient implementation of data-flow integrity enforcement that uses static analysis to reduce the instrumentation overhead. This implementation can be used in practice to detect a broad class of attacks and errors because it can be applied automatically to C and C++ programs without modifications, it does not have false positives, and it has low overhead.

PDF file

In  Symposium on Operating Systems Design and Implementation (OSDI)

Publisher  USENIX
All copyrights reserved by USENIX 2006


InstitutionMicrosoft Research
> Publications > Securing software by enforcing data-flow integrity