2020-03-262020-03-262012CASES'12 - Proceedings of the 2012 ACM International Conference on Compilers, Architectures and Synthesis for Embedded Systems, Co-located with ESWEEK; pp. 27-369781450314244https://hdl.handle.net/20.500.12585/9091Dynamic information flow tracking (DIFT) is an effective security countermeasure for both low-level memory corruptions and high-level semantic attacks. However, many software approaches suffer large performance degradation, and hardware approaches have high logic and storage overhead. We propose a flexible and light-weight hardware/software co-design approach to perform DIFT based on secure page allocation. Instead of associating every data with a taint tag, we aggregate data according to their taints, i.e., putting data with different attributes in separate memory pages. Our approach is a compiler-aided process with architecture support. The implementation and analysis show that the memory overhead is little, and our approach can protect critical information, including return address, indirect jump address, and system call IDs, from being overwritten by malicious users. Copyright 2012 ACM.Recurso electrónicoapplication/pdfenghttp://creativecommons.org/licenses/by-nc-nd/4.0/info:eu-repo/semantics/conferenceObject10.1145/2380403.2380415Dynamic information flow trackingSecurity attacksStatic control flow analysisCritical informationDynamic information flow trackingHardware-software codesignHigh level semanticsLight weightMemory corruptionMemory overheadsMemory pagesPage allocationPerformance degradationSecurity attacksSecurity countermeasuresSoftware approachStatic controlStorage overheadSystem callsEmbedded systemsHardwareProgram compilersSemanticsDigital storageinfo:eu-repo/semantics/restrictedAccessAtribución-NoComercial 4.0 InternacionalUniversidad Tecnológica de BolívarRepositorio UTB26325154200710305945735225236800