Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Secure Execution Via Program Shepherding Vladimir Kiriansky, Derek Bruening, Saman Amarasinghe
 

Summary: Secure Execution Via Program Shepherding
Vladimir Kiriansky, Derek Bruening, Saman Amarasinghe
Laboratory for Computer Science
Massachusetts Institute of Technology
Cambridge, MA 02139

vlk,iye,saman¡ @lcs.mit.edu
Abstract
We introduce program shepherding, a method for moni-
toring control flow transfers during program execution to
enforce a security policy. Program shepherding provides
three techniques as building blocks for security policies.
First, shepherding can restrict execution privileges on
the basis of code origins. This distinction can ensure
that malicious code masquerading as data is never exe-
cuted, thwarting a large class of security attacks. Sec-
ond, shepherding can restrict control transfers based on
instruction class, source, and target. For example, shep-
herding can forbid execution of shared library code ex-
cept through declared entry points, and can ensure that a

  

Source: Amarasinghe, Saman - Computer Science and Artificial Intelligence Laboratory & Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (MIT)
Yang, Junfeng - Department of Computer Science, Columbia University
Zhang, Xiangyu - Department of Computer Sciences, Purdue University

 

Collections: Computer Technologies and Information Sciences