Related papers: CAMP: Compiler and Allocator-based Heap Memory Protection

CAMP: Compiler and Allocator-based Heap Memory Protection

URL: http://arxiv.org/abs/2406.02737v1
Date: Tue, 4 Jun 2024 19:37:41 GMT
Title: CAMP: Compiler and Allocator-based Heap Memory Protection
Authors: Zhenpeng Lin, Zheng Yu, Ziyi Guo, Simone Campanoni, Peter Dinda, Xinyu Xing,
Abstract summary: We present CAMP, a new sanitizer for detecting and capturing heap memory corruption. CAMP enables various compiler optimization strategies and thus eliminates redundant and unnecessary check instrumentation. Our evaluation and comparison of CAMP with existing tools, using both real-world applications and SPEC CPU benchmarks, show that it provides even better heap corruption detection capability with lower runtime overhead.
Score: 23.84729234219481
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: The heap is a critical and widely used component of many applications. Due to its dynamic nature, combined with the complexity of heap management algorithms, it is also a frequent target for security exploits. To enhance the heap's security, various heap protection techniques have been introduced, but they either introduce significant runtime overhead or have limited protection. We present CAMP, a new sanitizer for detecting and capturing heap memory corruption. CAMP leverages a compiler and a customized memory allocator. The compiler adds boundary-checking and escape-tracking instructions to the target program, while the memory allocator tracks memory ranges, coordinates with the instrumentation, and neutralizes dangling pointers. With the novel error detection scheme, CAMP enables various compiler optimization strategies and thus eliminates redundant and unnecessary check instrumentation. This design minimizes runtime overhead without sacrificing security guarantees. Our evaluation and comparison of CAMP with existing tools, using both real-world applications and SPEC CPU benchmarks, show that it provides even better heap corruption detection capability with lower runtime overhead.

Related papers

SJMalloc: the security-conscious, fast, thread-safe and memory-efficient heap allocator [0.0]
Heap-based exploits pose a significant threat to application security. hardened allocators have not been widely adopted in real-world applications. SJMalloc stores its metadata out-of-band, away from the application's data on the heap. SJMalloc demonstrates a 6% performance improvement compared to GLibcs allocator, while using only 5% more memory.
arXiv Detail & Related papers (2024-10-23T14:47:12Z)
DeTRAP: RISC-V Return Address Protection With Debug Triggers [20.807256514935084]
DeTRAP provides a write-protected shadow stack for return addresses. It requires no memory protection hardware and only minor changes to the compiler toolchain.
arXiv Detail & Related papers (2024-08-30T12:42:54Z)
ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization [24.4696797147503]
heap corruption poses severe threats to system security. We present ShadowBound, a unique heap memory protection design. We implement ShadowBound atop the LLVM framework and integrated three state-of-the-art use-after-free defenses.
arXiv Detail & Related papers (2024-06-04T07:02:53Z)
RTracker: Recoverable Tracking via PN Tree Structured Memory [71.05904715104411]
We propose a recoverable tracking framework, RTracker, that uses a tree-structured memory to dynamically associate a tracker and a detector to enable self-recovery. Specifically, we propose a Positive-Negative Tree-structured memory to chronologically store and maintain positive and negative target samples. Our core idea is to use the support samples of positive and negative target categories to establish a relative distance-based criterion for a reliable assessment of target loss.
arXiv Detail & Related papers (2024-03-28T08:54:40Z)
Holographic Global Convolutional Networks for Long-Range Prediction Tasks in Malware Detection [50.7263393517558]
We introduce Holographic Global Convolutional Networks (HGConv) that utilize the properties of Holographic Reduced Representations (HRR) Unlike other global convolutional methods, our method does not require any intricate kernel computation or crafted kernel design. The proposed method has achieved new SOTA results on Microsoft Malware Classification Challenge, Drebin, and EMBER malware benchmarks.
arXiv Detail & Related papers (2024-03-23T15:49:13Z)
MCUFormer: Deploying Vision Transformers on Microcontrollers with Limited Memory [76.02294791513552]
We propose a hardware-algorithm co-optimizations method called MCUFormer to deploy vision transformers on microcontrollers with extremely limited memory. Experimental results demonstrate that our MCUFormer achieves 73.62% top-1 accuracy on ImageNet for image classification with 320KB memory.
arXiv Detail & Related papers (2023-10-25T18:00:26Z)
Model Tells You What to Discard: Adaptive KV Cache Compression for LLMs [82.08922896531618]
We introduce adaptive KV cache compression, a plug-and-play method that reduces the memory footprint of generative inference for Large Language Models (LLMs) We conduct targeted profiling to discern the intrinsic structure of attention modules. Based on the recognized structure, we then construct the KV cache in an adaptive manner: evicting long-range contexts on attention heads emphasizing local contexts, discarding non-special tokens on attention heads centered on special tokens, and only employing the standard KV cache for attention heads that broadly attend to all tokens.
arXiv Detail & Related papers (2023-10-03T05:17:08Z)
Analysis of the Memorization and Generalization Capabilities of AI Agents: Are Continual Learners Robust? [91.682459306359]
In continual learning (CL), an AI agent learns from non-stationary data streams under dynamic environments. In this paper, a novel CL framework is proposed to achieve robust generalization to dynamic environments while retaining past knowledge. The generalization and memorization performance of the proposed framework are theoretically analyzed.
arXiv Detail & Related papers (2023-09-18T21:00:01Z)
Securing Optimized Code Against Power Side Channels [1.589424114251205]
Security engineers often sacrifice code efficiency by turning off compiler optimization and/or performing local, post-compilation transformations. This paper proposes SecConCG, a constraint-based compiler approach that generates optimized yet secure code.
arXiv Detail & Related papers (2022-07-06T12:06:28Z)
CryptSan: Leveraging ARM Pointer Authentication for Memory Safety in C/C++ [0.9208007322096532]
CryptSan is a memory safety approach based on ARM Pointer Authentication. We present a full LLVM-based prototype implementation, running on an M1 MacBook Pro. This, together with its interoperability with uninstrumented libraries and cryptographic protection against attacks on metadata, makes CryptSan a viable solution for retrofitting memory safety to C/C++ programs.
arXiv Detail & Related papers (2022-02-17T14:04:01Z)
Learning Dynamic Compact Memory Embedding for Deformable Visual Object Tracking [82.34356879078955]
We propose a compact memory embedding to enhance the discrimination of the segmentation-based deformable visual tracking method. Our method outperforms the excellent segmentation-based trackers, i.e., D3S and SiamMask on DAVIS 2017 benchmark.
arXiv Detail & Related papers (2021-11-23T03:07:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.