LightDE: A Lightweight Method for Eliminating Dangling Pointers
- URL: http://arxiv.org/abs/2405.20697v5
- Date: Tue, 12 Nov 2024 07:44:03 GMT
- Title: LightDE: A Lightweight Method for Eliminating Dangling Pointers
- Authors: Xun An,
- Abstract summary: Use-After-Free (UAF) vulnerabilities pose a serious threat to software security.
Existing methods for defending against UAF vulnerabilities by eliminating dangling pointers need to interrupt the program's execution.
We propose a novel approach called LightDE to overcome this drawback.
- Abstract: The widespread presence of Use-After-Free (UAF) vulnerabilities poses a serious threat to software security, with dangling pointers being considered the primary cause of these vulnerabilities. However, existing methods for defending against UAF vulnerabilities by eliminating dangling pointers need to interrupt the program's execution when encountering pointer assignment operations in order to store the memory addresses of the pointers in a specific data structure. This makes these methods not lightweight. To overcome this drawback, we propose a novel approach called LightDE. This method does not require storing the memory addresses of pointers during program execution. LightDE uses our proposed structure-sensitive pointer analysis method to determine which objects pointers point to and stores the pointing relationships in the program's data segment during program compilation. Since LightDE only needs to verify if pointers identified by the pointer analysis point to released objects when eliminating dangling pointers, it is very lightweight. Our experimental results show that LightDE can effectively defend against UAF vulnerabilities and the performance overhead it introduces is very low.
Related papers
- ReF Decompile: Relabeling and Function Call Enhanced Decompile [50.86228893636785]
The goal of decompilation is to convert compiled low-level code (e.g., assembly code) back into high-level programming languages.
This task supports various reverse engineering applications, such as vulnerability identification, malware analysis, and legacy software migration.
arXiv Detail & Related papers (2025-02-17T12:38:57Z)
- MappedTrace: Tracing Pointer Remotely with Compiler-generated Maps [4.197499765642787]
We propose MappedTrace that leverages compiler-generated read-only maps to accurately identify all pointers in any given snapshot of a program's execution state.
MappedTrace presents new opportunities to improve memory management techniques like memory leak detection and enables novel use cases such as infinite memory abstraction for resource-constrained environments.
arXiv Detail & Related papers (2025-01-18T06:22:28Z)
- Vital: Vulnerability-Oriented Symbolic Execution via Type-Unsafe Pointer-Guided Monte Carlo Tree Search [18.500951309269396]
This paper proposes a new vulnerability-oriented symbolic execution via type-unsafe pointer-guided Monte Carlo Tree Search (MCTS).
We show that Vital could cover up to 90.03% more unsafe pointers and detect up to 37.50% more unique memory errors.
In the latter, the results show that Vital could achieve a speedup of up to 30x execution time and a reduction of up to 20x memory consumption.
arXiv Detail & Related papers (2024-08-16T14:29:57Z)
- Multi-Pass Targeted Dynamic Symbolic Execution [0.0]
We present a Multi-Pass Targeted Dynamic Execution approach that starts from a target program location and moves backward until it reaches a specified entry point.
Our approach achieves on average 4X reduction in the number of paths explored and 2X speedup.
arXiv Detail & Related papers (2024-08-14T20:14:59Z)
- SeMalloc: Semantics-Informed Memory Allocator [18.04397502953383]
Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages.
We show one way to balance the trinity by passing more semantics about the heap object to the allocator.
In SeMalloc, only heap objects allocated from the same call site and via the same function call stack can possibly share a virtual memory address.
arXiv Detail & Related papers (2024-02-02T21:02:15Z)
- Point-Teaching: Weakly Semi-Supervised Object Detection with Point Annotations [81.02347863372364]
We present Point-Teaching, a weakly semi-supervised object detection framework.
Specifically, we propose a Hungarian-based point matching method to generate pseudo labels for point annotated images.
We propose a simple-yet-effective data augmentation, termed point-guided copy-paste, to reduce the impact of the unmatched points.
arXiv Detail & Related papers (2022-06-01T07:04:38Z)
- Object Localization under Single Coarse Point Supervision [107.46800858130658]
We propose a POL method using coarse point annotations, relaxing the supervision signals from accurate key points to freely spotted points.
CPR constructs point bags, selects semantic-correlated points, and produces semantic center points through multiple instance learning (MIL).
In this way, CPR defines a weakly supervised evolution procedure, which ensures training high-performance object localizer under coarse point supervision.
arXiv Detail & Related papers (2022-03-17T14:14:11Z)
- SASA: Semantics-Augmented Set Abstraction for Point-based 3D Object Detection [78.90102636266276]
We propose a novel set abstraction method named Semantics-Augmented Set Abstraction (SASA).
Based on the estimated point-wise foreground scores, we then propose a semantics-guided point sampling algorithm to help retain more important foreground points during down-sampling.
In practice, SASA shows to be effective in identifying valuable points related to foreground objects and improving feature learning for point-based 3D detection.
arXiv Detail & Related papers (2022-01-06T08:54:47Z)
- Segment and Complete: Defending Object Detectors against Adversarial Patch Attacks with Robust Patch Detection [142.24869736769432]
Adversarial patch attacks pose a serious threat to state-of-the-art object detectors.
We propose Segment and Complete defense (SAC), a framework for defending object detectors against patch attacks.
We show SAC can significantly reduce the targeted attack success rate of physical patch attacks.
arXiv Detail & Related papers (2021-12-08T19:18:48Z)
- CGuard: Efficient Spatial Safety for C [0.5249805590164903]
We present CGuard, a tool that provides object-bounds protection for C applications with comparable overheads to SGXBounds without restricting the application address space.
CGuard stores the bounds information just before the base address of an object and encodes the relative offset of the base address in the spare bits of the virtual address available in x86_64 architecture.
arXiv Detail & Related papers (2021-07-22T09:09:37Z)
- Point-Set Anchors for Object Detection, Instance Segmentation and Pose Estimation [85.96410825961966]
We argue that the image features extracted at a central point contain limited information for predicting distant keypoints or bounding box boundaries.
To facilitate inference, we propose to instead perform regression from a set of points placed at more advantageous positions.
We apply this proposed framework, called Point-Set Anchors, to object detection, instance segmentation, and human pose estimation.
arXiv Detail & Related papers (2020-07-06T15:59:56Z)
This list is automatically generated from the titles and abstracts of the papers in this site.