CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019 > International Papers

[SW Security] CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019

0
0
Print
11-07

CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS) 2019

Jangseop Shin, Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Yunheung Paek

본 논문은 C/C++ 프로그램에 대한 공격으로 많이 사용되는 Use-after-free 취약점에 대한 방어 기법을 제안한다. 이를 위해 컴파일 단계에서 코드를 수정하여 Heap object에 대한 Reference Counting을 수행하여 이를 통해 Heap object의 해제를 dangling pointer가 없어질 때까지 지연시킨다. 또한 실험을 통해 이 approach의 효율성을 보여주었다.

0
0

International Papers

Privacy Enhancing Computing LOHEN: Layer-wise Optimizations for Neural Network Inferences over Encrypted Data with high Performance or Accuracy, USENIX Security 2025

AI Security VFLIP: A Backdoor Defense for Vertical Federated Learning via Identification and Purification, ESORICS 2024

HW Security An Efficient Hardware/Software Co-design for FALCON on Low-End Embedded Systems, IEEE Access, April 2024

SW Security MetaSafe: Compiling for Protecting Smart Pointer Metadata to Ensure Safe Rust Integrity, USENIX Security 2024

HW Security Optimizing Hardware Resource Utilization for Accelerating the NTRU-KEM Algorithm, Computers, Dec 2023

SW Security KVSEV: Secure In-Memory Key-Value Store on AMD Secure Encrypted Virtualization, SoCC 2023

AI Security FLGuard: Byzantine-Robust Federated Learning via Ensemble of Contrastive Models, ESORICS 2023

SW Security ZOMETAG: Zone-based Memory Tagging for Fast, Deterministic Detection of Spatial Memory Violations on ARM, IEEE Transactions on Information Forensics and Security (Impact Factor: 7.23)

HW Security Area-Efficient Accelerator for the Full NTRU-KEM Algorithm, ICCSA 2023

AI Security Exploring Clustered Federated Learning’s Vulnerability against Property Inference Attack, RAID 2023

Application Specific Architectures Modeling and Library Support for Early-stage Exploration of Sparse Tensor Accelerator Designs, IEEE Access, May 2023

SW Security SFITAG: Efficient Software Fault Isolation with Memory Tagging for ARM Kernel Extensions, ASIACCS 2023

SW Security TRUST: A compilation framework for in-process isolation to protect safe rust against untrusted code, USENIX Security 2023

SW Security Practical Binary Code Similarity Detection with BERT-based Transferable Similarity Learning, ACSAC 2022

HW Security Accelerating N-bit Operations over TFHE on Commodity CPU-FPGA, ICCAD 2022

SW Security Exploring Effective Uses of the Tagged Memory for Reducing Bounds Checking Overheads (early access), The Journal of Supercomputing, July 2022

AI Security Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices, ESORICS 2022

AI Security A pilot study of machine-learning-based algorithms to assist integrated care for older community-dwelling adults, Computers, Informatics, Nursing (CIN), Feb 2022

AI Security A Data Embedding Scheme for Efficient Program Behavior Modeling with Neural Networks (early access), IEEE Transactions on Emerging Topics in Computational Intelligence (Impact Factor: 8.28), May 2022

HW Security A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V, MDPI Electronics, August 2021