[SW Security] CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019

CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS) 2019


Jangseop Shin, Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Yunheung Paek


본 논문은 C/C++ 프로그램에 대한 공격으로 많이 사용되는 Use-after-free 취약점에 대한 방어 기법을 제안한다. 이를 위해 컴파일 단계에서 코드를 수정하여 Heap object에 대한 Reference Counting을 수행하여 이를 통해 Heap object의 해제를 dangling pointer가 없어질 때까지 지연시킨다. 또한 실험을 통해 이 approach의 효율성을 보여주었다.

0
0

International Papers

SW Security VM-CFI : Control-Flow Integrity for Virtual Machine Kernel using Intel PT, DTS, Jul 2018
HW Security Hypernel: A Hardware-Assisted Framework for Kernel Protection without Nested Paging, Annual Design Automation Conference (DAC), Jun 2018
AI Security An SoC Architecture for Learning-Based Online Anomaly Detection on ARM, Design Automation Conference WIP, Jun 2018
AI Security Mimicry Resilient Program Behavior Modeling with LSTM based Branch Models, DEEP LEARNING AND SECURITY WORKSHOP, May2018
SW Security Obliviate: A Data Oblivious Filesystem for Intel SGX, Network and Distributed System Security Symposium (NDSS), Feb 2018
SW Security Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing, Network and Distributed System Security Symposium (NDSS), Feb 2018
SW Security Securing Real-Time Microcontroller Systems through Customized Memory View Switching, Network and Distributed System Security Symposium (NDSS), Feb 2018
HW Security Architectural Supports to Protect OS Kernels from Code-Injection Attacks and Their Applications, ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS, Oct 2017
SW Security HexType: Efficient Detection of Type Confusion Errors for C++, ACM Conference on Computer and Communications Security (CCS), Oct 2017
SW Security CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems, USENIX Annual Technical Conference (ATC), Jul 2017
SW Security Instruction-Level Data Isolation for the Kernel on ARM, Annual Design Automation Conference (DAC), Jun 2017
HW Security Hardware-assisted Efficient Long Branch Tracing for Control Flow Integrity on x86 Processors, Design Automation Conference WIP, Jun 2017
HW Security Using CoreSight PTM to Integrate CRA Monitoring IPs in an ARM-Based SoC, ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS, May 2017
HW Security Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping, IEEE Transactions on Dependable and Secure Computing, Apr 2017
SW Security SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs, Network and Distributed System Security Symposium (NDSS), Feb 2017
SW Security Dynamic Virtual Address Range Adjustment for Intra-Level Privilege Separation on ARM, Network and Distributed System Security Symposium (NDSS), Feb 2017 (Acceptance rate: 16%)
Mobile Cloud Computing An Effective Cloud Solution to Ensure the Integrity of Mobile Application via Execution Offloading, The 4th International Conference on Network, Communication and Computing (ICNCC), published in International Journal of Engineering and Technology (IJET), Feb 2017
Mobile Cloud Computing An Effective Cloud Solution to Ensure the Integrity of Mobile Application via Execution Offloading, International Journal of Engineering and Technology 9 (1), Feb 2017
HW Security Efficient Security Monitoring with Core Debug Interface in an Embedded Processor, ACM Transactions on Design Automation of Electronic Systems (TODAES), Dec 2016
SW Security Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques, ACM Computing Surveys (CSUR), Nov 2016