TY - GEN
T1 - Exploitation techniques and defenses for data-oriented attacks
AU - Cheng, Long
AU - Liljestrand, Hans
AU - Ahmed, Md Salman
AU - Nyman, Thomas
AU - Jaeger, Trent
AU - Asokan, N.
AU - Yao, Danfeng Daphne
PY - 2019/9
Y1 - 2019/9
N2 - Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow defense mechanisms. However, these threats have not been adequately addressed. In this systematization of knowledge (SoK) paper, we first map data-oriented exploits, including Data-Oriented Programming (DOP) and Block-Oriented Programming attacks, to their assumptions/requirements and attack capabilities. We also compare known defenses against these attacks, in terms of approach, detection capabilities, overhead, and compatibility. Then we discuss the possible frequency anomalies of data-oriented attacks, especially the frequency anomalies of DOP attacks with experimental proofs. It is generally believed that control flows may not be useful for data-oriented security. However, the frequency anomalies show that data-oriented attacks (especially DOP attacks) may generate side-effects on control-flow behavior in multiple dimensions. In the end, we discuss challenges for building deployable data-oriented defenses and open research questions.
AB - Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow defense mechanisms. However, these threats have not been adequately addressed. In this systematization of knowledge (SoK) paper, we first map data-oriented exploits, including Data-Oriented Programming (DOP) and Block-Oriented Programming attacks, to their assumptions/requirements and attack capabilities. We also compare known defenses against these attacks, in terms of approach, detection capabilities, overhead, and compatibility. Then we discuss the possible frequency anomalies of data-oriented attacks, especially the frequency anomalies of DOP attacks with experimental proofs. It is generally believed that control flows may not be useful for data-oriented security. However, the frequency anomalies show that data-oriented attacks (especially DOP attacks) may generate side-effects on control-flow behavior in multiple dimensions. In the end, we discuss challenges for building deployable data-oriented defenses and open research questions.
UR - http://www.scopus.com/inward/record.url?scp=85075784963&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85075784963&partnerID=8YFLogxK
U2 - 10.1109/SecDev.2019.00022
DO - 10.1109/SecDev.2019.00022
M3 - Conference contribution
T3 - Proceedings - 2019 IEEE Secure Development, SecDev 2019
SP - 114
EP - 128
BT - Proceedings - 2019 IEEE Secure Development, SecDev 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 IEEE Secure Development, SecDev 2019
Y2 - 25 September 2019 through 27 September 2019
ER -