Dam: A Practical Scheme to Mitigate Data-Oriented Attacks with Tagged Memory Based on Hardware
Authors: Mengyu Ma, Liwei Chen, Gang Shi
Published in: 2019 26th Asia-Pacific Software Engineering Conference (APSEC), 2019-12-01
DOI: 10.1109/APSEC48747.2019.00036 (https://doi.org/10.1109/APSEC48747.2019.00036)
The widespread deployment of unsafe programming languages such as C and C++ leaves many programs vulnerable to memory corruption attacks. With the continuous improvement of control-flow hijacking defense methods, recent works on data-oriented attacks, including Data-oriented Exploits (DOE), Data-oriented Programming (DOP), and Block-oriented Programming (BOP), have shown that these attacks can pose a significant threat even in the presence of control-flow defense mechanisms. Moreover, DFI (Data Flow Integrity) is a software-only approach for mitigating data-oriented attacks, but it incurs a 104% performance overhead. There are no suitable defense methods for such attacks as yet. In this paper, we propose Dam, a practical scheme to mitigate data-oriented attacks with tagged memory based on hardware. Dam is a novel approach that uses the idea of tagged memory to break the data-flow stitching and gadget dispatcher needed to generate data-oriented attacks, rather than enforcing complete DFI. By enforcing security checking on memory access, Dam eliminates two requirements for constructing a valid data-oriented attack. We have implemented Dam by extending lowRISC, a RISC-V based SoC (System on a Chip) that implements tagged memory. Our evaluation results show that our scheme has an average performance cost of 6.48%, while Dam provides source compatibility and strong security.