Exploitation techniques and defenses for data-oriented attacks

Long Cheng, Hans Liljestrand, Md Salman Ahmed, Thomas Nyman, Trent Jaeger, N. Asokan, Danfeng Daphne Yao

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

Data-oriented attacks manipulate non-control data to alter a program's benign behavior without violating its control-flow integrity. It has been shown that such attacks can cause significant damage even in the presence of control-flow defense mechanisms. However, these threats have not been adequately addressed. In this systematization of knowledge (SoK) paper, we first map data-oriented exploits, including Data-Oriented Programming (DOP) and Block-Oriented Programming attacks, to their assumptions/requirements and attack capabilities. We also compare known defenses against these attacks, in terms of approach, detection capabilities, overhead, and compatibility. Then we discuss the possible frequency anomalies of data-oriented attacks, especially the frequency anomalies of DOP attacks with experimental proofs. It is generally believed that control flows may not be useful for data-oriented security. However, the frequency anomalies show that data-oriented attacks (especially DOP attacks) may generate side-effects on control-flow behavior in multiple dimensions. In the end, we discuss challenges for building deployable data-oriented defenses and open research questions.

Original language: English (US)
Title of host publication: Proceedings - 2019 IEEE Secure Development, SecDev 2019
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 114-128
Number of pages: 15
ISBN (Electronic): 9781538672891
DOI: https://doi.org/10.1109/SecDev.2019.00022
State: Published - Sep 2019
Event: 2019 IEEE Secure Development, SecDev 2019 - McLean, United States
Duration: Sep 25 2019 to Sep 27 2019

Publication series

Name: Proceedings - 2019 IEEE Secure Development, SecDev 2019

Conference

Conference: 2019 IEEE Secure Development, SecDev 2019
Country: United States
City: McLean
Period: 9/25/19 to 9/27/19

Fingerprint

Flow control

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Cheng, L., Liljestrand, H., Ahmed, M. S., Nyman, T., Jaeger, T., Asokan, N., & Yao, D. D. (2019). Exploitation techniques and defenses for data-oriented attacks. In Proceedings - 2019 IEEE Secure Development, SecDev 2019 (pp. 114-128). [8901549] (Proceedings - 2019 IEEE Secure Development, SecDev 2019). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SecDev.2019.00022