MineSweeper: A Clean sweepž for drop-in use-After-free prevention
| cam.depositDate | 2022-01-26 | |
| cam.issuedOnline | 2022-02-22 | |
| cam.orpheus.counter | 2 | |
| cam.orpheus.success | Wed Mar 23 10:26:26 GMT 2022 - Embargo updated | |
| datacite.issupplementedby.url | https://doi.org/10.17863/CAM.78150 | |
| dc.contributor.author | Erdos, M | |
| dc.contributor.author | Ainsworth, S | |
| dc.contributor.author | Jones, TM | |
| dc.contributor.orcid | Jones, Timothy M. [0000-0002-4114-7661] | |
| dc.date.accessioned | 2022-01-28T00:30:33Z | |
| dc.date.available | 2022-01-28T00:30:33Z | |
| dc.date.issued | 2022 | |
| dc.date.updated | 2022-01-26T14:08:03Z | |
| dc.description.abstract | Low-level languages, which require manual memory management from the programmer, remain in wide use for performance-critical applications. Memory-safety bugs are common, and now a major source of exploits. In particular, a use-after-free bug occurs when an object is erroneously deallocated, whilst pointers to it remain active in memory, and those (dangling) pointers are later used to access the object. An attacker can reallocate the memory area backing an erroneously freed object, then overwrite its contents, injecting carefully chosen data into the host program, thus altering its execution and achieving privilege escalation. We present MineSweeper, a system to mitigate use-after-free vulnerabilities by retaining freed allocations in a quarantine, until no pointers to them remain in program memory, thus preventing their reallocation until it is safe. MineSweeper performs efficient linear sweeps of memory to identify quarantined items that have no dangling pointers to them, and thus can be safely reallocated. This allows MineSweeper to be significantly more efficient than previous transitive marking procedure techniques. MineSweeper, attached to JeMalloc, improves security at an acceptable overhead in memory footprint (11.1% on average) and an execution-time cost of only 5.4% (geometric mean for SPEC CPU2006), with 9.6% additional threaded CPU usage. These figures considerably improve on the state-of-the-art for non-probabilistic drop-in temporal-safety systems, and make MineSweeper the only such scheme suitable for deployment in real-world production environments. | |
| dc.identifier.doi | 10.17863/CAM.80392 | |
| dc.identifier.isbn | 9781450392051 | |
| dc.identifier.uri | https://www.repository.cam.ac.uk/handle/1810/332968 | |
| dc.language.iso | eng | |
| dc.publisher | ACM | |
| dc.publisher.department | Department of Computer Science And Technology | |
| dc.publisher.url | http://dx.doi.org/10.1145/3503222.3507712 | |
| dc.rights | All Rights Reserved | |
| dc.rights.uri | http://www.rioxx.net/licenses/all-rights-reserved | |
| dc.subject | temporal safety | |
| dc.subject | use-after-free | |
| dc.subject | programming language security | |
| dc.title | MineSweeper: A Clean sweepž for drop-in use-After-free prevention | |
| dc.type | Conference Object | |
| dcterms.dateAccepted | 2022-01-09 | |
| prism.publicationName | International Conference on Architectural Support for Programming Languages and Operating Systems - ASPLOS | |
| pubs.conference-finish-date | 2022-03-04 | |
| pubs.conference-name | ASPLOS '22: 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems | |
| pubs.conference-start-date | 2022-02-28 | |
| pubs.funder-project-id | Engineering and Physical Sciences Research Council (EP/K026399/1) | |
| pubs.funder-project-id | Engineering and Physical Sciences Research Council (EP/P020011/1) | |
| pubs.licence-display-name | Apollo Repository Deposit Licence Agreement | |
| pubs.licence-identifier | apollo-deposit-licence-2-1 | |
| rioxxterms.version | AM | |
| rioxxterms.versionofrecord | 10.1145/3503222.3507712 |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- paper.pdf
- Size:
- 947.69 KB
- Format:
- Adobe Portable Document Format
- Description:
- Accepted version
- Licence
- http://www.rioxx.net/licenses/all-rights-reserved