Smirnov and Chiueh have continued the work and implemented a more complex GCC patch called DIRA. Apart from the separate stack with copies of return addresses, DIRA keeps copies of function pointer values in a special buffer. Every time a function pointer is dereferenced it is compared with the stored value. DIRA also keeps track of memory updates at run-time and uses this information to perform a roll-back if an attack against a return address or function pointer is detected. Updates to files or local variables are not tracked and thus cannot be rolled back. DIRA also does simple data-flow analysis to track external data connected to the attack. Performance overhead varies between 8 % and 60 %. (Wil05)
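As an added illustration (not DIRA's code, and far simpler than the GCC instrumentation described above), this C sketch models the two mechanisms the paragraph names: a shadow copy of a function-pointer value that is checked at every dereference, and an undo log of tracked memory updates that is rolled back when the check fails. All function names, the guarded_fp type and the constructed scenario are assumptions; as on the page, only global (not local) data is treated as tracked.

```c
#include <stddef.h>
#include <stdint.h>
/* Undo log for tracked memory updates: the address written and the value it held. */
#define LOG_CAP 64
typedef struct { uintptr_t *addr; uintptr_t old; } log_entry;
static log_entry undo_log[LOG_CAP];
static size_t undo_len = 0;

/* Tracked store: record the old contents of a word before overwriting it. */
static int tracked_store(uintptr_t *addr, uintptr_t val) {
    if (undo_len == LOG_CAP) return -1;       /* log full: refuse rather than lose history */
    undo_log[undo_len].addr = addr;
    undo_log[undo_len].old = *addr;
    undo_len++;
    *addr = val;
    return 0;
}
/* Roll back every tracked update, newest first. */
static void rollback(void) {
    while (undo_len > 0) {
        undo_len--;
        *undo_log[undo_len].addr = undo_log[undo_len].old;
    }
}

typedef int (*handler_t)(int);
static int safe_handler(int x) { return x + 1; }
/* A guarded function pointer: the live slot plus a shadow copy kept in a separate buffer
   (the shadow stands in for DIRA's special buffer of function-pointer values). */
typedef struct { uintptr_t live; uintptr_t shadow; } guarded_fp;
static void guarded_init(guarded_fp *g, handler_t h) { g->live = (uintptr_t)h; g->shadow = g->live; }
/* Dereference only if the live slot still matches its shadow; otherwise flag and roll back. */
static int guarded_call(guarded_fp *g, int arg, int *detected) {
    if (g->live != g->shadow) { *detected = 1; rollback(); return -1; }
    *detected = 0;
    return ((handler_t)g->live)(arg);
}

/* Constructed scenario: one legitimate tracked update to a global, then a stray write that
   lands on the live function-pointer slot (standing in for a memory-corruption bug). */
static uintptr_t shared_state = 7;
static int demo_scenario(uintptr_t *state_after, int *detected) {
    guarded_fp g;
    undo_len = 0; shared_state = 7;
    guarded_init(&g, safe_handler);
    tracked_store(&shared_state, 99);                 /* legitimate update, logged */
    tracked_store(&g.live, (uintptr_t)0x41414141u);   /* corrupting write, also logged */
    int r = guarded_call(&g, 1, detected);            /* mismatch: both writes rolled back */
    *state_after = shared_state;
    return r;
}
```

After the failed check, shared_state is back at 7 and the pointer slot again equals its shadow; an untouched guarded pointer dispatches normally.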
Class hierarchy:
• owl:Thing
  • sec:Countermeasure
    • sec:MemoryProtection
      • CopyingAndCheckingTargetData
        • DIRA
  • CompilerPatch
    • DIRA

dc:source: http://www.isoc.org/isoc/conferences/ndss/05/proceedings/papers/dira.pdf
Class(DIRA partial CompilerPatch CopyingAndCheckingTargetData)