About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II

Research Article

SdShield: Effectively Ensuring Heap Security via Shadow Page Table

Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-031-56583-0_8,
        author={Linong Shi and Chuanping Hu and Yan Zhuang and Yan Lu},
        title={SdShield: Effectively Ensuring Heap Security via Shadow Page Table},
        proceedings={Digital Forensics and Cyber Crime. 14th EAI International Conference, ICDF2C 2023, New York City, NY, USA, November 30, 2023, Proceedings, Part II},
        proceedings_a={ICDF2C PART 2},
        year={2024},
        month={4},
        keywords={Heap vulnerabilities Shadow page table Page protection},
        doi={10.1007/978-3-031-56583-0_8}
    }
    
  • Linong Shi
    Chuanping Hu
    Yan Zhuang
    Yan Lu
    Year: 2024
    SdShield: Effectively Ensuring Heap Security via Shadow Page Table
    ICDF2C PART 2
    Springer
    DOI: 10.1007/978-3-031-56583-0_8
Linong Shi, Chuanping Hu, Yan Zhuang,*, Yan Lu
    *Contact email: yan.zhuang@zzu.edu.cn

    Abstract

    Heap security has become a serious threat in recent years. To address the problem of heap vulnerabilities that are hard to detect and mitigate, this paper proposes a new heap protection scheme using shadow page tables. This scheme builds on the traditional idea of page permission and designs a novel shadow page table structure that stores the virtual address and random value of each object. This enables checking the boundaries and validity of heap objects, and effectively detects various types of heap-related attacks, such as heap overflow, use-after-free, invalid free, and double free. In addition, the scheme adopts a dynamic system call addition method, which is not dependent on specific runtime environments or kernel modifications, and has high scalability and portability. Experimental evaluation on various applications shows that our proposed scheme is effective in detecting many types of heap vulnerabilities, providing more comprehensive security with low performance overhead than comparable solutions.

    Keywords
    Heap vulnerabilities Shadow page table Page protection
    Published
    2024-04-03
    Appears in
    SpringerLink
    http://dx.doi.org/10.1007/978-3-031-56583-0_8
    Copyright © 2023–2025 ICST
    EBSCOProQuestDBLPDOAJPortico
    EAI Logo

    About EAI

    • Who We Are
    • Leadership
    • Research Areas
    • Partners
    • Media Center

    Community

    • Membership
    • Conference
    • Recognition
    • Sponsor Us

    Publish with EAI

    • Publishing
    • Journals
    • Proceedings
    • Books
    • EUDL