CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019 > International Papers

[SW Security] CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS), Feb. 2019

0
0
Print
11-07

CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C/C++, Network and Distributed System Security Symposium (NDSS) 2019

Jangseop Shin, Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Yunheung Paek

본 논문은 C/C++ 프로그램에 대한 공격으로 많이 사용되는 Use-after-free 취약점에 대한 방어 기법을 제안한다. 이를 위해 컴파일 단계에서 코드를 수정하여 Heap object에 대한 Reference Counting을 수행하여 이를 통해 Heap object의 해제를 dangling pointer가 없어질 때까지 지연시킨다. 또한 실험을 통해 이 approach의 효율성을 보여주었다.

0
0

International Papers

SW Security Dynamic Virtual Address Range Adjustment for Intra-Level Privilege Separation on ARM, Network and Distributed System Security Symposium (NDSS), Feb 2017 (Acceptance rate: 16%)

Mobile Cloud Computing An Effective Cloud Solution to Ensure the Integrity of Mobile Application via Execution Offloading, The 4th International Conference on Network, Communication and Computing (ICNCC), published in International Journal of Engineering and Technology (IJET), Feb 2017

Mobile Cloud Computing An Effective Cloud Solution to Ensure the Integrity of Mobile Application via Execution Offloading, International Journal of Engineering and Technology 9 (1), Feb 2017

HW Security Efficient Security Monitoring with Core Debug Interface in an Embedded Processor, ACM Transactions on Design Automation of Electronic Systems (TODAES), Dec 2016

SW Security Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques, ACM Computing Surveys (CSUR), Nov 2016

AI Security LSTM-Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-Based Intrusion Detection Systems, arXiv preprint arXiv:1611.01726, Nov 2016

SW Security A Survey and Design of a Scalable Mobile Edge Cloud Platform for the Smart IoT Devices and It’s Applications, International Conference on Computer Science and its Applications, 694-698, Nov 2016

HW Security A Hardware-based Technique for Efficient Implicit Information Flow Tracking, International Conference on Computer Aided Design (ICCAD), Nov. 2016 (Acceptance rate: 23%)

Mobile Cloud Computing Optimization Techniques to Enable Execution Offloading for 3D Video Games, Multimedia Tools and Applications(MTAP), Jul 2016

Application Specific Architectures Development of Custom Digital Signal Processor for Finger Recognition Vision Application, International Conference on Ubiquitous Computing Application and Wireless Sensor Network, Jul 2016

SW Security Instant OS Updates via Userspace Checkpoint-and-Restart, USENIX Annual Technical Conference (ATC), June 2016

SW Security Hardware-Assisted On-Demand Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices, USENIX Annual Technical Conference(ATC), Jun 2016 (Acceptance rate: 19%)

HW Security Architectural Supports to Protect OS Kernels from Code-Injection Attacks Hardware and Architectural Support for Security and Privacy (HASP), Jun 2016

HW Security A Hardware-based Technique for Efficient Implicit Information Flow Tracking, Design Automation Conference (DAC) WIP, Jun 2016

HW Security HDFI: Hardware-Assisted Data-flow Isolation, IEEE S&P , May 2016 (Acceptance rate: 13.3%)

SW Security TrackMeOrNot: Enabling Flexible Control on Web Tracking, International Conference on World Wide Web (WWW), April 2016

HW Security Integration of ROP/JOP Monitoring IPs in an ARM-based SoC Design Automation and Test in Europe Conference and Exhibition (DATE), Mar 2016 (Acceptance rate: 24%)

Mobile Cloud Computing Energy-Reduction Offloading Technique for Streaming Media Servers, Mobile Information Systems, Mar 2016

SW Security Enforcing Kernel Security Invariants with Data Flow Integrity, Network and Distributed System Security Symposium (NDSS), Feb 2016

Application Specific Architectures Software-based Selective Validation Techniques for Robust CGRAs against Soft Errors, Transactions on Embedded Computing Systems, VOL.15, NO.20, Feb 2016