An Efficient Use-after-Free Mitigation Approach via Static Dangling Pointer Nullification

Cited by: 0
Authors
Yu, Yue [1 ,2 ]
Jia, Xiaoqi [1 ,2 ]
An, Xun [1 ,2 ]
Zhang, Shengzhi [3 ]
Affiliations
[1] Chinese Acad Sci, Inst Informat Engn, BKLONSPT Beijing Key Lab Network Secur & Protect, CAS KLONAT Key Lab Network Assessment Technol, Beijing, Peoples R China
[2] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
[3] Boston Univ, Metropolitan Coll, Boston, MA 02215 USA
Keywords
Use-after-free vulnerability; Vulnerability mitigation; Alias analysis; Dangling pointer; SAFETY;
DOI
10.1007/978-3-031-06975-8_29
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
UAF (use-after-free) is one of the most severe program vulnerabilities, caused by dangling pointers. Existing vulnerability mitigation approaches either attempt to block possible exploitation without fixing the root cause problem, or identify and remove dangling pointers with huge runtime overhead. In this paper, we present SDPN (Static Dangling Pointer Nullification) to defeat use-after-free vulnerability by eliminating dangling pointers filtered in multiple stages during compilation time. We implement a prototype of SDPN and evaluate it using real-world CVE vulnerabilities, and the results show that SDPN can effectively protect programs from use-after-free vulnerability. We also test SDPN using SPEC 2006 and the experimental results demonstrate that the time overhead introduced by SDPN is almost negligible, i.e., <1%.
Pages: 507-523
Number of pages: 17
Related papers
50 in total
  • [31] Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities
    Wang, Haijun
    Xie, Xiaofei
    Li, Yi
    Wen, Cheng
    Li, Yuekang
    Liu, Yang
    Qin, Shengchao
    Chen, Hongxu
    Sui, Yulei
    [J]. 2020 ACM/IEEE 42ND INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE 2020), 2020, : 999 - 1010
  • [32] HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities
    Shen, Zekun
    Dolan-Gavitt, Brendan
    [J]. 36TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2020), 2020, : 454 - 465
  • [33] Identifying Use-After-Free Variables in Fire-and-Forget Tasks
    Krishna, Jyothi V. S.
    Litvinov, Vassily
    [J]. 2017 IEEE INTERNATIONAL PARALLEL AND DISTRIBUTED PROCESSING SYMPOSIUM WORKSHOPS (IPDPSW), 2017, : 1086 - 1094
  • [34] MineSweeper: A "Clean Sweep" for Drop-In Use-after-Free Prevention
    Erdos, Marton
    Ainsworth, Sam
    Jones, Timothy M.
    [J]. ASPLOS '22: PROCEEDINGS OF THE 27TH ACM INTERNATIONAL CONFERENCE ON ARCHITECTURAL SUPPORT FOR PROGRAMMING LANGUAGES AND OPERATING SYSTEMS, 2022, : 212 - 225
  • [35] From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel
    Xu, Wen
    Li, Juanru
    Shu, Junliang
    Yang, Wenbo
    Xie, Tianyi
    Zhang, Yuanyuan
    Gu, Dawu
    [J]. CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, : 414 - 425
  • [36] UAF-GUARD: Defending the use-after-free exploits via fine-grained memory permission management
    Xu, Guangquan
    Lei, Wenqing
    Gong, Lixiao
    Liu, Jian
    Bai, Hongpeng
    Chen, Kai
    Wang, Ran
    Wang, Wei
    Liang, Kaitai
    Wang, Weizhe
    Meng, Weizhi
    Liu, Shaoying
    [J]. COMPUTERS & SECURITY, 2023, 125
  • [37] Multi-level Directed Fuzzing for Detecting Use-after-Free Vulnerabilities
    Zhang, Yuntao
    Wang, Zhongru
    Yu, Weiqiang
    Fang, Binxing
    [J]. 2021 IEEE 20TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2021), 2021, : 569 - 576
  • [38] FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
    Wu, Wei
    Chen, Yueqi
    Xu, Jun
    Xing, Xinyu
    Gong, Xiaorui
    Zou, Wei
    [J]. PROCEEDINGS OF THE 27TH USENIX SECURITY SYMPOSIUM, 2018, : 781 - 797
  • [39] MarkUs: Drop-in use-after-free prevention for low-level languages
    Ainsworth, Sam
    Jones, Timothy M.
    [J]. 2020 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2020), 2020, : 578 - 591
  • [40] Mpchecker: Use-After-Free Vulnerabilities Protection Based on Multi-Level Pointers
    Qiang, Weizhong
    Li, Weifeng
    Jin, Hai
    Surbiryala, Jayachander
    [J]. IEEE ACCESS, 2019, 7 : 45961 - 45977