TRUVIN: Lightweight Detection of Data-Oriented Attacks Through Trusted Value Integrity

Data-oriented attacks, where the adversary corrupts critical program data in memory, remain one of the most challenging security threats to address. Because the attacker does not touch any code or code pointers, data-oriented attacks are able to circumvent common defence strategies such as data execution prevention or control-flow protection. Dataflow integrity (DFI) techniques can mitigate these attacks by detecting corruption of any program data. However, due to high performance costs, these techniques are not widely adopted in practice. This paper presents TRUVIN, a lightweight scheme that addresses data-oriented attacks by focusing on only those variables which are crucial to the integrity assurance. Instead of checking every memory operation, TRUVIN selectively instruments program data originating from only trusted agents (e.g., the programmer), as they are considered critical to the runtime integrity. Our scheme analyses the program at compile time, and generates instrumentation only for the necessary operations. TRUVIN reduces the performance cost by a factor of 4.3 on average with 28% overhead compared to full instrumentation (121%), while retaining the security guarantees.