Collaborative Computing: Networking, Applications and Worksharing. 16th EAI International Conference, CollaborateCom 2020, Shanghai, China, October 16–18, 2020, Proceedings, Part I

Research Article

Defending Use-After-Free via Relationship Between Memory and Pointer

Download
3 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-67537-0_35,
    author={Guangquan Xu and Miao Li and Xiaotong Li and Kai Chen and Ran Wang and Wei Wang and Kaitai Liang and Qiang Tang and Shaoying Liu},
    title={Defending Use-After-Free via Relationship Between Memory and Pointer},
    proceedings={Collaborative Computing: Networking, Applications and Worksharing. 16th EAI International Conference, CollaborateCom 2020, Shanghai, China, October 16--18, 2020, Proceedings, Part I},
    proceedings_a={COLLABORATECOM},
    year={2021},
    month={1},
    keywords={Use-after-free vulnerability Fine-grained memory permission management Static instrumentation},
    doi={10.1007/978-3-030-67537-0_35}
}
  • Guangquan Xu
    Miao Li
    Xiaotong Li
    Kai Chen
    Ran Wang
    Wei Wang
    Kaitai Liang
    Qiang Tang
    Shaoying Liu
    Year: 2021
    Defending Use-After-Free via Relationship Between Memory and Pointer
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-030-67537-0_35
Guangquan Xu1,*, Miao Li1, Xiaotong Li1, Kai Chen2, Ran Wang3, Wei Wang, Kaitai Liang4, Qiang Tang, Shaoying Liu
  • 1: College of Intelligence and Computing
  • 2: Institute of Information Engineering
  • 3: Security Center
  • 4: Surrey Centre of Cyber Security
*Contact email: losin@tju.edu.cn

Abstract

Existing approaches to defending Use-After-Free (UAF) exploits are usually done using static or dynamic analysis. However, both static and dynamic analysis suffer from intrinsic deficiencies. The existing static analysis is limited in handling loops, optimization of memory representation. The existing dynamic analysis, which is characterized by lacking the maintenance of pointer information, may lead to flaws that the relationships between pointers and memory cannot be precisely identified.

In this work, we propose a new method called UAF-GUARD without the above barriers, in the aim to defending against UAF exploits using fine-grained memory permission management. In particular, we design a key data structure to support the fine-grained memory permission management, which can maintain more information to capture the relationship between pointers and memory. Moreover, we design code instrumentation to enable UAF-GUARD to precisely locate the position of UAF vulnerabilities to further terminate malicious programs when anomalies are detected.

We implement UAF-GUARD on a 64-bit Linux system. We carry out experiments to compare UAF-GUARD with the main existing approaches. The experimental results demonstrate that UAF-GUARD is able to effectively and efficiently defend against three types of UAF exploits with acceptable space overhead and time overhead.

Keywords
Use-after-free vulnerability Fine-grained memory permission management Static instrumentation
Published
2021-01-22
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-67537-0_35
Copyright © 2020–2025 ICST
EAI Logo

About EAI

Community

Publish with EAI