FreeGuard
| Autor: | Sam Silvestro, Tongping Liu, Corey Crosser, Hongyu Liu, Zhiqiang Lin |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
FOS: Computer and information sciences
010302 applied physics Computer Science - Cryptography and Security Operating Systems (cs.OS) Computer science 020207 software engineering 02 engineering and technology Computer security computer.software_genre 01 natural sciences Memory allocator Computer Science - Operating Systems Allocator Software security assurance 0103 physical sciences Scalability 0202 electrical engineering electronic engineering information engineering Cryptography and Security (cs.CR) computer Heap (data structure) |
| Zdroj: | Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. |
| Popis: | In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators are designed with very limited countermeasures against attacks, but secure allocators generally suffer from significant performance overhead, e.g., running up to 10x slower. This paper, therefore, introduces FreeGuard, a secure memory allocator that prevents or reduces a wide range of heap-related attacks, such as heap overflows, heap over-reads, use-after-frees, as well as double and invalid frees. FreeGuard has similar performance to the default Linux allocator, with less than 2% overhead on average, but provides significant improvement to security guarantees. FreeGuard also addresses multiple implementation issues of existing secure allocators, such as the issue of scalability. Experimental results demonstrate that FreeGuard is very effective in defending against a variety of heap-related attacks. 15 pages, 4 figures, to be published at CCS'17 |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|