Guarder: a tunable secure allocator
作者: Zhiqiang Lin , Tongping Liu , Sam Silvestro , Hongyu Liu , Tianyi Liu
DOI:
关键词:
摘要: Due to the on-going threats posed by heap vulnerabilities, we design a novel secure allocator—GUARDER—to defeat these vulnerabilities. GUARDER is different from existing secure allocators in the following aspects. Existing allocators either have low/zero randomization entropy, or cannot provide stable security guarantees, where their entropies vary by object size classes, execution phases, inputs, or applications. GUARDER ensures the desired randomization entropy, and provides an unprecedented level of security …
参考文章(28)
Chengyu Song, Byoungyoung Lee, Taesoo Kim, Wenke Lee, Type casting verification: stopping an emerging attack vector usenix security symposium. pp. 81- 96 ,(2015)
Ryan Iwahashi, Daniela A. S. de Oliveira, S. Felix Wu, Jedidiah R. Crandall, Young-Jun Heo, Jin-Tae Oh, Jong-Soo Jang, Towards Automatically Generating Double-Free Vulnerability Signatures Using Petri Nets Lecture Notes in Computer Science. pp. 114- 130 ,(2008) , 10.1007/978-3-540-85886-7_8
Daniel C. DuVarney, Sandeep Bhatkar, R. Sekar, Address obfuscation: an efficient approach to combat a board range of memory error exploits usenix security symposium. pp. 8- 8 ,(2003)
Frank Piessens, Hans Van den Eynden, Yves Younan, Wouter Joosen, Security of memory allocators for C and C Department of Computer Science, K.U.Leuven, Leuven, Belgium. ,(2005)
Periklis Akritidis, Cling: A memory allocator to mitigate dangling pointers usenix security symposium. pp. 12- 12 ,(2010)
Konstantin Serebryany, Derek Bruening, Alexander Potapenko, Dmitry Vyukov, AddressSanitizer: a fast address sanity checker usenix annual technical conference. pp. 28- 28 ,(2012)
Yves Younan, Wouter Joosen, Frank Piessens, Efficient protection against heap-based buffer overflows without resorting to magic international conference on information and communication security. ,vol. 4307, pp. 379- 398 ,(2006) , 10.1007/11935308_27
David R. Hanson, A portable storage management system for the icon programming language Software - Practice and Experience. ,vol. 10, pp. 489- 500 ,(1980) , 10.1002/SPE.4380100607
Yves Younan, FreeSentry: Protecting Against Use-After-Free Vulnerabilities Due to Dangling Pointers network and distributed system security symposium. ,(2015) , 10.14722/NDSS.2015.23190
Kangjie Lu, Chengyu Song, Byoungyoug Lee, Simon Chung, Taesoo Kim, Wenke Lee, ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks computer and communications security. pp. 280- 291 ,(2015) , 10.1145/2810103.2813694