New idea: Safe Stack, to analyze and classify security. Useful at least to flag possible problems.
Stacking the Deck for Computer Security
Penn State News
WennersHerron Ashley J., June 17, 2022
An international team of researchers led by Pennsylvania State University (Penn State) has created a more reliable safeguard for data on the stack than a prior classification technique called Safe Stack. Penn State's Trent Jaeger said the DATAGUARD system "improves security through a more comprehensive and accurate safety analysis that proves a larger number of stack objects are safe from memory errors, while ensuring that no unsafe stack objects are mistakenly classified as safe." The system validates stack objects that are safe from spatial, type, and temporal memory errors, via static analysis and symbolic execution. Tests showed DATAGUARD spotted and removed 6.3% of objects wrongly labeled safe by the Safe Stack technique, and found 65% of objects labeled "unsafe" by Safe Stack actually were safe. .... '
No comments:
Post a Comment