Abstract

Data corruption attacks (DCAs) pose a severe threat to computer systems: they corrupt in-memory data to subvert the intended control/data flow and impose arbitrary behavior. Data-Flow Integrity (DFI) prevents this by guaranteeing that only legal writes reach data memory. Unfortunately, DFI schemes that cover all data adopt imprecise analysis and generate frequent memory accesses. Enforcing DFI for only part of the data implies fewer checks and lower cost, but it weakens security. Existing DFI schemes therefore suffer from an unsolved paradox: protecting all data limits performance, and protecting only part of the data degrades security. This paper presents KPDFI, a DFI only for DCA-related data, to resolve this paradox. We first propose the Key Property (KP), based on the DCA, and a KP-based data selection strategy to define the DCA-related data, called key_data. KPDFI reduces the redundancy of the key_data legal write sets with a more precise field-sensitive and context-sensitive pointer analysis and propagation analysis. Since a DCA only makes the data flow of key_data abnormal, KPDFI requires code instrumentation of only a small portion of the program code for DFI checking. We implement a KPDFI enforcement framework based on LLVM and conduct numerous assessments of KPDFI. The experimental results prove that KPDFI is a security-enhanced and lightweight approach that mitigates widespread DCAs with an acceptable performance overhead (9.53%).
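The following added example (not code from the paper or from KPDFI's LLVM framework) illustrates the generic DFI check the abstract relies on: each store records its site ID, and a load of protected data is allowed only if the last writer is in that datum's legal write set. The memory layout, site IDs, and function names are assumptions made for the illustration; the `is_admin` flag stands in for a piece of key_data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 32
/* Constructed store-site IDs, as a DFI compiler pass might assign them. */
enum { W_INIT = 1, W_LOGIN = 2, W_COPY_NAME = 3 };

static uint8_t mem[MEM_SIZE];      /* simulated data memory */
static uint8_t last_def[MEM_SIZE]; /* per byte: ID of the last store site */

/* Instrumented store: perform the write, then record which site did it. */
static void dfi_store(size_t addr, const void *src, size_t n, uint8_t site) {
    memcpy(&mem[addr], src, n);
    memset(&last_def[addr], site, n);
}

/* Check before a load: every byte's last writer must be in the legal write
   set (a bitmask of site IDs). Returns 1 if legal, 0 on a DFI violation. */
static int dfi_check(size_t addr, size_t n, uint32_t legal_set) {
    for (size_t i = 0; i < n; i++)
        if (!(legal_set & (1u << last_def[addr + i])))
            return 0;
    return 1;
}

#define NAME_ADDR  0  /* 8-byte name buffer (not protected data)      */
#define ADMIN_ADDR 8  /* 1-byte is_admin flag, treated as key_data    */
#define ADMIN_LEGAL ((1u << W_INIT) | (1u << W_LOGIN))

/* Copies n bytes into the name buffer with no bounds check (the deliberate
   bug), then returns the result of the check guarding the read of is_admin.
   n must not exceed MEM_SIZE in this simulation. */
int run_scenario(const char *name, size_t n) {
    uint8_t zero = 0;
    memset(mem, 0, sizeof mem);
    memset(last_def, 0, sizeof last_def);
    dfi_store(ADMIN_ADDR, &zero, 1, W_INIT);     /* legal initialisation */
    dfi_store(NAME_ADDR, name, n, W_COPY_NAME);  /* may overrun into flag */
    return dfi_check(ADMIN_ADDR, 1, ADMIN_LEGAL);
}

int main(void) {
    printf("benign copy:  check=%d\n", run_scenario("alice", 5));
    printf("overrun copy: check=%d\n", run_scenario("AAAAAAAA\x01", 9));
    return 0;
}
```

The flag's value alone cannot distinguish a legitimate login from corruption; the recorded writer ID can, and the smaller and more precise the legal write set, the fewer illegal writers slip through.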
