TY - GEN
T1 - Defending Use-After-Free via Relationship Between Memory and Pointer
AU - Xu, Guangquan
AU - Li, Miao
AU - Li, Xiaotong
AU - Chen, Kai
AU - Wang, Ran
AU - Wang, Wei
AU - Liang, Kaitai
AU - Tang, Qiang
AU - Liu, Shaoying
N1 - Publisher Copyright:
© 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
PY - 2021
Y1 - 2021
N2 - Existing approaches to defending Use-After-Free (UAF) exploits are usually done using static or dynamic analysis. However, both static and dynamic analysis suffer from intrinsic deficiencies. The existing static analysis is limited in handling loops, optimization of memory representation. The existing dynamic analysis, which is characterized by lacking the maintenance of pointer information, may lead to flaws that the relationships between pointers and memory cannot be precisely identified. In this work, we propose a new method called UAF-GUARD without the above barriers, in the aim to defending against UAF exploits using fine-grained memory permission management. In particular, we design a key data structure to support the fine-grained memory permission management, which can maintain more information to capture the relationship between pointers and memory. Moreover, we design code instrumentation to enable UAF-GUARD to precisely locate the position of UAF vulnerabilities to further terminate malicious programs when anomalies are detected. We implement UAF-GUARD on a 64-bit Linux system. We carry out experiments to compare UAF-GUARD with the main existing approaches. The experimental results demonstrate that UAF-GUARD is able to effectively and efficiently defend against three types of UAF exploits with acceptable space overhead and time overhead.
AB - Existing approaches to defending Use-After-Free (UAF) exploits are usually done using static or dynamic analysis. However, both static and dynamic analysis suffer from intrinsic deficiencies. The existing static analysis is limited in handling loops, optimization of memory representation. The existing dynamic analysis, which is characterized by lacking the maintenance of pointer information, may lead to flaws that the relationships between pointers and memory cannot be precisely identified. In this work, we propose a new method called UAF-GUARD without the above barriers, in the aim to defending against UAF exploits using fine-grained memory permission management. In particular, we design a key data structure to support the fine-grained memory permission management, which can maintain more information to capture the relationship between pointers and memory. Moreover, we design code instrumentation to enable UAF-GUARD to precisely locate the position of UAF vulnerabilities to further terminate malicious programs when anomalies are detected. We implement UAF-GUARD on a 64-bit Linux system. We carry out experiments to compare UAF-GUARD with the main existing approaches. The experimental results demonstrate that UAF-GUARD is able to effectively and efficiently defend against three types of UAF exploits with acceptable space overhead and time overhead.
KW - Fine-grained memory permission management
KW - Static instrumentation
KW - Use-after-free vulnerability
UR - http://www.scopus.com/inward/record.url?scp=85101347768&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85101347768&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-67537-0_35
DO - 10.1007/978-3-030-67537-0_35
M3 - Conference contribution
AN - SCOPUS:85101347768
SN - 9783030675363
T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
SP - 583
EP - 597
BT - Collaborative Computing
A2 - Gao, Honghao
A2 - Wang, Xinheng
A2 - Iqbal, Muddesar
A2 - Yin, Yuyu
A2 - Yin, Jianwei
A2 - Gu, Ning
PB - Springer Science and Business Media Deutschland GmbH
T2 - 16th EAI International Conference on Collaborative Computing: Networking, Applications, and Worksharing, CollaborateCom 2020
Y2 - 16 October 2020 through 18 October 2020
ER -