2013 IEEE Symposium on Security and Privacy 2013
DOI: 10.1109/sp.2013.13

SoK: Eternal War in Memory

Abstract: Memory corruption bugs in software written in low-level languages like C or C++ are one of the oldest problems in computer security. The lack of safety in these languages allows attackers to alter the program's behavior or take full control over it by hijacking its control flow. This problem has existed for more than 30 years and a vast number of potential solutions have been proposed, yet memory corruption attacks continue to pose a serious threat. Real world exploits show that all currently deployed protecti…

Cited by 545 publications (364 citation statements)
References 37 publications
“…A recent survey of protection mechanisms [55] shows that most available solutions are either (a) incomplete, (b) bypassable using known attacks, (c) require source code modifications or (d) impose significant performance overhead.…”
Section: Introduction (mentioning)
confidence: 99%
“…Such violations are a common source of serious security vulnerabilities [12], [81] such as heap-based buffer overflows [1], [5], [33], [72], [76], confidential data leaks [4], and exploitable use-after-free [3], [10], and double-free bugs [2], [41]. The micro-policy we study here only guards heap-allocated data, for which calls to the malloc and free monitor services tell us how to set up and tear down memory regions; we leave stack allocation and C-like unboxed structs as future work.…”
Section: Memory Safety Micro-policy (mentioning)
confidence: 99%
“…DEP has to manage the executable flag, which is essentially a form of annotation or metadata, and it requires a (hardware) check before each critical operation, i.e., before executing an instruction. For less than 1% overhead, DEP protects against basic forms of remote code execution attacks, but it can be circumvented relatively easily using more elaborate attacks based on "return-oriented programming" [35].…”
Section: Background and Related Work (mentioning)
confidence: 99%
“…Stack canaries incur below 1% overhead. They offer some protection against simple buffer overflows, but they can be neutralized by modifying attacks, e.g., by directly overriding the return address [35].…”
Section: Background and Related Work (mentioning)
confidence: 99%