CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019 > International Papers

[SW Security] CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019

0
0
Print
11-07

CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS) 2019

Jangseop Shin, Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Yunheung Paek

본 논문은 C/C++ 프로그램에 대한 공격으로 많이 사용되는 Use-after-free 취약점에 대한 방어 기법을 제안한다. 이를 위해 컴파일 단계에서 코드를 수정하여 Heap object에 대한 Reference Counting을 수행하여 이를 통해 Heap object의 해제를 dangling pointer가 없어질 때까지 지연시킨다. 또한 실험을 통해 이 approach의 효율성을 보여주었다.

0
0

International Papers

AI Security VFLIP: A Backdoor Defense for Vertical Federated Learning via Identification and Purification, ESORICS 2024

AI Security FLGuard: Byzantine-Robust Federated Learning via Ensemble of Contrastive Models, ESORICS 2023

AI Security Exploring Clustered Federated Learning’s Vulnerability against Property Inference Attack, RAID 2023

AI Security Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices, ESORICS 2022

AI Security A pilot study of machine-learning-based algorithms to assist integrated care for older community-dwelling adults, Computers, Informatics, Nursing (CIN), Feb 2022

AI Security A Data Embedding Scheme for Efficient Program Behavior Modeling with Neural Networks (early access), IEEE Transactions on Emerging Topics in Computational Intelligence (Impact Factor: 8.28), May 2022

AI Security Panop: Mimicry-Resistant ANN-based Distributed NIDS for IoT Networks, IEEE Access, July 2021

AI Security Learn2Evade: Learning-based Generative Model for Evading PDF Malware Classifiers, IEEE Transactions on Artificial Intelligence, July 2021

AI Security Hawkware: Network Intrusion Detection based on Behavior Analysis with ANNs on an IoT Device, Design Automation Conference (DAC), Jul 2020

AI Security DADE: a fast data anomaly detection engine for kernel integrity monitoring, The Journal of Supercomputing, Aug 2019

AI Security Hawkware: Network Intrusion Detection based on Behavior Analysis with ANNs on an IoT Device, Design Automation Conference WIP, Jun 2019

AI Security Real-Time Anomalous Branch Behavior Detection with a GPU-inspired Engine for Machine Learning Models, DATE, Mar 2019

AI Security An SoC Architecture for Learning-Based Online Anomaly Detection on ARM, Design Automation Conference WIP, Jun 2018

AI Security Mimicry Resilient Program Behavior Modeling with LSTM based Branch Models, DEEP LEARNING AND SECURITY WORKSHOP, May2018

AI Security LSTM-Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-Based Intrusion Detection Systems, arXiv preprint arXiv:1611.01726, Nov 2016