Research Article
SdShield: Effectively Ensuring Heap Security via Shadow Page Table
@INPROCEEDINGS{10.1007/978-3-031-56583-0_8, author={Linong Shi and Chuanping Hu and Yan Zhuang and Yan Lu}, title={SdShield: Effectively Ensuring Heap Security via Shadow Page Table}, proceedings={Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II}, proceedings_a={ICDF2C PART 2}, year={2024}, month={4}, keywords={Heap vulnerabilities Shadow page table Page protection}, doi={10.1007/978-3-031-56583-0_8} }- Linong Shi
Chuanping Hu
Yan Zhuang
Yan Lu
Year: 2024
SdShield: Effectively Ensuring Heap Security via Shadow Page Table
ICDF2C PART 2
Springer
DOI: 10.1007/978-3-031-56583-0_8
Abstract
Heap security has become a serious threat in recent years. To address the problem of heap vulnerabilities that are hard to detect and mitigate, this paper proposes a new heap protection scheme using shadow page tables. This scheme builds on the traditional idea of page permission and designs a novel shadow page table structure that stores the virtual address and random value of each object. This enables checking the boundaries and validity of heap objects, and effectively detects various types of heap-related attacks, such as heap overflow, use-after-free, invalid free, and double free. In addition, the scheme adopts a dynamic system call addition method, which is not dependent on specific runtime environments or kernel modifications, and has high scalability and portability. Experimental evaluation on various applications shows that our proposed scheme is effective in detecting many types of heap vulnerabilities, providing more comprehensive security with low performance overhead than comparable solutions.
