Neutralizing manipulation of critical data by enforcing data-instruction dependency

Abstract

In this paper, we propose a new approach to neutralize attacks that tamper with critical program data. Our technique uses a sequence of instructions as a trap against the illicit modification of the critical data. In a nutshell, we set up a dependency such that the continued execution of the program is contingent upon the successful execution of the instruction sequence and the successful execution of the instruction sequence is contingent upon the integrity of the critical data. In particular, we discuss a specific implementation of our technique focusing on a critical data that is often subject to malicious manipulation: the return address of a function. We show that our technique can be an effective countermeasure to defend against attacks that overwrite the return address to divert control to a malicious code. We further show that our technique offers significant protection without resorting to complementary defenses such as ASLR, DEP or StackGuard.