Towards a Formal Foundation of Protection against Data-Oriented Attacks

A data-oriented attack allows an adversary to rewrite data values stored in memories by manipulating data flow of a program, and brings serious damage such as leakage of secret keys or escalation of privileges. To the best of our knowledge, there is no practical method for resisting the data oriented attack, and thus we discuss a protection method against the attack. Based on consideration of fundamental features of the data-oriented attack, we especially focus on detection of the attack. More precisely, the data-oriented attack can be detected by dynamically analyzing data flow since the flow is manipulated via the attack. Under this observation, we formally define data oriented attack detection system. That is, the detection of the attack is reduced to some decision problem whereby automata accept the data flow or not. We also discuss the feasibility of the proposed system.