Funding: supported by the Natural Science Foundation of China under Grant No. 61100205, the National High-Tech Research and Development Plan of China under Grant No. 2009AA01Z433, and the Project of the Fundamental Research Funds of Beijing Institute of Technology.
Abstract: Some unsafe languages, like C and C++, let programmers maximize performance but are vulnerable to memory errors, which can lead to program crashes and unpredictable behavior. To solve this problem, the traditional memory allocation strategy is improved and a new probabilistic memory allocation technology is presented. By combining a random memory allocation algorithm with virtual memory, memory errors are, in all probability, avoided during software execution. By replacing the default memory allocator to manage the allocation of heap memory, buffer overflows and dangling pointers are prevented. Experiments show that it is better than DieHard in the following aspects: memory error prevention, performance in the memory allocation set, and ability to control the working set. Probabilistic memory allocation is therefore a valid memory error prevention technology; it can tolerate memory errors and provide probabilistic memory safety effectively.
Funding: supported in part by the National Natural Science Foundation of China (NSFC) under Grant No. 61602035, the National Key Research and Development Program of China under Grant No. 2016YFB0800700, the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, and the Open Fund of Key Laboratory of IOT Application Technology of Universities in Yunnan Province under Grant No. 2015IOT03.
Abstract: Heap overflow is one of the major memory corruption attacks and has been prevalent for decades. To defeat this attack, many protection methods have been proposed in recent years. However, most of these existing methods focus on user-level heap overflow detection, and only a few have been proposed for kernel heap protection. Moreover, all of these kernel protection methods require modifying the existing OS kernel, so they may not be adopted in practice. To address this problem, we propose a lightweight virtualization-based solution that can protect the kernel heap buffers allocated for the target kernel modules. The key idea of our approach is to combine static binary analysis and virtualization technology to trap a memory allocation operation of the target kernel module, and then add one secure canary word to the end of the allocated buffer. After that, a monitor process is launched to check the integrity of the canaries. The evaluations show that our system can detect kernel heap overflow attacks effectively with minimal performance cost.