Watchdog: Hardware for safe and secure manual memory management and full memory safety

Nagarakatte, Santosh; Martin, Shawn; Zdancewic,

doi:10.1109/isca.2012.6237017

Cited by 46 publications

(50 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The practical combination of Address Space Layout Randomization(ASLR), NX and stack protector is evaluated in Ubuntu 12.04 with appropriate OS/compiler switches(randomize va space = 2, -z noexecstack, -fstack-protector-all). [12], [24]- [26] are …”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks

Rao

Xu³

et al. 2016

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARY Buffer overflow is one of the main approaches to get control of vulnerable programs. This paper presents a protection technique called BFWindow for performance and resource sensitive embedded systems. By coloring data structure in memory with single associate property bit to each byte and extending the target memory block to a BFWindow(2), it validates each memory write by speculatively checking consistency of data properties within the extended buffer window. Property bits are generated by compiler statically and checked by hardware at runtime. They are transparent to users. Experimental results show that the proposed mechanism is effective to prevent sequential memory writes from crossing buffer boundaries which is the common scenario of buffer overflow exploitations. The performance overhead for practical protection mode across embedded system benchmarks is under 1%.

show abstract

Section: Resultsmentioning

confidence: 99%

“…Recently hardware based boundary checking solutions appear. [24] implements implicit boundary checking while [25], [26] implement explicit boundary checking. A pointer table of (address, base, size) is generated by compiler and maintained by hardware µops or extended instructions.…”

Section: Related Workmentioning

confidence: 99%

BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks

Rao

Xu³

et al. 2016

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

“…ManagedC is a software-based approach, thus we focus on research in this area rather than on hardwarebased research such as [6,10,26,27,32,35,36,41]. Like existing literature surveys [25], we distinguish between pointer-based approaches and object-based approaches.…”

Section: Related Workmentioning

confidence: 99%

Memory-safe Execution of C on a Java VM

Grimmer

Schatz²,

Seaton

et al. 2015

Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security

View full text Add to dashboard Cite

In low-level languages such as C, spatial and temporal safety errors (e.g. buffer overflows or dangling pointer dereferences) are hard to find and can cause security vulnerabilities. Modern high-level languages such as Java avoid these problems by running programs on a virtual machine that provides automated memory management.In this paper we show how we can safely execute C code on top of a modern runtime (e.g., a Java Virtual Machine) by allocating all data on the managed heap. We reuse the memory management of the runtime, hence, we can ensure spatial and temporal safety with little effort. Nevertheless, we retain all characteristics that are typical for unsafe languages (such as pointer arithmetic, pointers into objects, or arbitrary type casts). We discuss how our approach complies with the C99 standard.Compared to an optimized unsafe execution of a C program (compiled with the GNU C compiler and all optimizations enabled) our approach has overhead of 15% on average (peak-performance).

show abstract

“…Memory bounds checking (MBC) annotate pointers with their legal address range and check every memory access against the base and bound of the associated data structure [3], [4], [50], [51]. However, the overhead of MBC is substantial.…”

Section: Comprehensive Defensesmentioning

confidence: 99%

Signature-Based Protection from Code Reuse Attacks

Kayaalp

Schmitt

Nomani

et al. 2015

IEEE Trans. Comput.

View full text Add to dashboard Cite

Abstract-Code Reuse Attacks (CRAs) recently emerged as a new class of security exploits. CRAs construct malicious programs out of small fragments (gadgets) of existing code, thus eliminating the need for code injection. Existing defenses against CRAs often incur large performance overheads or require extensive binary rewriting and other changes to the system software. In this paper, we examine a signature-based detection of CRAs, where the attack is detected by observing the behavior of programs and detecting the gadget execution patterns. We first demonstrate that naive signature-based defenses can be defeated by introducing special "delay gadgets" as part of the attack. We then show how a software-configurable signature-based approach can be designed to defend against such stealth CRAs, including the attacks that manage to use longer-length gadgets. The proposed defense (called SCRAP) can be implemented entirely in hardware using simple logic at the commit stage of the pipeline. SCRAP is realized with minimal performance cost, no changes to the software layers and no implications on binary compatibility. Finally, we show that SCRAP generates no false alarms on a wide range of applications.

show abstract

Watchdog: Hardware for safe and secure manual memory management and full memory safety

Cited by 46 publications

References 31 publications

BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks

BFWindow: Speculatively Checking Data Property Consistency against Buffer Overflow Attacks

Memory-safe Execution of C on a Java VM

Signature-Based Protection from Code Reuse Attacks

Contact Info

Product

Resources

About