Defending Use-After-Free via Relationship Between Memory and Pointer

Guangquan Xu, Miao Li, Xiaotong Li, Kai Chen, Ran Wang, Wei Wang, Kaitai Liang, Qiang Tang, Shaoying Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations


Existing approaches to defending Use-After-Free (UAF) exploits are usually done using static or dynamic analysis. However, both static and dynamic analysis suffer from intrinsic deficiencies. The existing static analysis is limited in handling loops, optimization of memory representation. The existing dynamic analysis, which is characterized by lacking the maintenance of pointer information, may lead to flaws that the relationships between pointers and memory cannot be precisely identified. In this work, we propose a new method called UAF-GUARD without the above barriers, in the aim to defending against UAF exploits using fine-grained memory permission management. In particular, we design a key data structure to support the fine-grained memory permission management, which can maintain more information to capture the relationship between pointers and memory. Moreover, we design code instrumentation to enable UAF-GUARD to precisely locate the position of UAF vulnerabilities to further terminate malicious programs when anomalies are detected. We implement UAF-GUARD on a 64-bit Linux system. We carry out experiments to compare UAF-GUARD with the main existing approaches. The experimental results demonstrate that UAF-GUARD is able to effectively and efficiently defend against three types of UAF exploits with acceptable space overhead and time overhead.

Original languageEnglish (US)
Title of host publicationCollaborative Computing
Subtitle of host publicationNetworking, Applications and Worksharing - 16th EAI International Conference, CollaborateCom 2020, Proceedings
EditorsHonghao Gao, Xinheng Wang, Muddesar Iqbal, Yuyu Yin, Jianwei Yin, Ning Gu
PublisherSpringer Science and Business Media Deutschland GmbH
Number of pages15
ISBN (Print)9783030675363
StatePublished - 2021
Event16th EAI International Conference on Collaborative Computing: Networking, Applications, and Worksharing, CollaborateCom 2020 - Shanghai, China
Duration: Oct 16 2020Oct 18 2020

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
ISSN (Print)1867-8211
ISSN (Electronic)1867-822X


Conference16th EAI International Conference on Collaborative Computing: Networking, Applications, and Worksharing, CollaborateCom 2020

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications


  • Fine-grained memory permission management
  • Static instrumentation
  • Use-after-free vulnerability


Dive into the research topics of 'Defending Use-After-Free via Relationship Between Memory and Pointer'. Together they form a unique fingerprint.

Cite this