Mitigating Use-After-Free Attacks Using Memory-Reuse-Prohibited Library

この論文にアクセスする

著者

    • IKEGAMI Yuta
    • Graduate School of Natural Science and Technology, Okayama University
    • BAN Yuya
    • Graduate School of Natural Science and Technology, Okayama University

抄録

<p>Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. In particular, large-scale programs such as browsers often include many dangling pointers, and UAF vulnerabilities are frequently exploited by drive-by download attacks. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. The first condition for reuse is that the total size of the freed memory area is beyond the designated size. The threshold for the conditions of reuse of the freed memory area can be randomized by HeapRevolver. Furthermore, we add a second condition for reuse in which the freed memory area is merged with an adjacent freed memory area before release. Furthermore, HeapRevolver can be applied without modifying the target programs. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.</p>

収録刊行物

  • IEICE Transactions on Information and Systems

    IEICE Transactions on Information and Systems E100.D(10), 2295-2306, 2017

    一般社団法人 電子情報通信学会

各種コード

ページトップへ