http://blogs.fp6-noah.org/noah an ark of honeypot knowledge... Tue, 07 Jul 2009 14:35:20 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 http://blogs.fp6-noah.org/noah/wit-write-integrity-checking/ http://blogs.fp6-noah.org/noah/wit-write-integrity-checking/#comments Wed, 23 Apr 2008 14:19:43 +0000 Vrije Universiteit, Amsterdam http://blogs.fp6-noah.org/noah/wit-write-integrity-checking/ Cool stuff from the people at MSR Cambridge. Their latest Oakland paper on write integrity checking provides a nice solution for various memory exploits that may otherwise lead to a machine being compromised. Their method uses point-to-analysis at compile time to generate the control flow graph as well as the set of objects that can be written by each instruction. It then instruments these instructions to make sure that they do not write into with objects that are not in the set (and also to ensure that indirect control flow transfers are valid). Runtime overhead is very small. I guess the main catch is that you have to sit on the source code – which is not the case for anyone other than Microsoft. Nevertheless, very good work.

]]> http://blogs.fp6-noah.org/noah/wit-write-integrity-checking/feed/ 0