NDSS 2018 Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing
NDSS 2018 Session 5A: Software Security
05 Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing
SUMMARY
Memory errors are one of the most common vulnerabilities for the popularity of memory unsafe languages including C and C++. Once exploited, it can easily lead to system crash (i.e., denial-of-service attacks) or allow adversaries to fully compromise the victim system. This paper proposes MEDS, a practical memory error detector. MEDS signi cantly enhances its detection capability by approximating two ideal properties, called an in nite gap and an in nite heap. The approximated in nite gap of MEDS setups large inaccessible memory region between objects (i.e., 4 MB), and the approximated in nite heap allows MEDS to fully utilize virtual address space (i.e., 45-bits memory space). The key idea of MEDS in achieving these properties is a novel user-space memory allocation mechanism, MEDSALLOC. MEDSALLOC leverages a page aliasing mechanism, which allows MEDS to maximize the virtual memory space utilization but minimize the physical memory uses. To highlight the detection capability and practical impacts of MEDS, we evaluated and then compared to Google’s state-of-the-art detection tool, AddressSanitizer. MEDS showed three times better detection rates on four real-world vulnerabilities in Chrome and Firefox. More importantly, when used for a fuzz testing, MEDS was able to identify 68.3% more memory errors than AddressSanitizer for the same amount of a testing time, highlighting its practical aspects in the software testing area. In terms of performance overhead, MEDS slowed down 108% and 86% compared to native execution and AddressSanitizer, respectively, on real-world applications including Chrome, Firefox, Apache, Nginx, and OpenSSL.
SLIDES
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_05A-5_Han_Slides.pdf
PAPER
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_05A-5_Han_paper.pdf
SLIDES
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_05A-5_Han_Slides.pdf
AUTHORS
Wookhyun Han (KAIST)
Byunggill Joe (KAIST), Byoungyoung Lee (Purdue University)
Chengyu Song (University of California, Riverside)
Insik Shin (KAIST)
Network and Distributed System Security (NDSS) Symposium 2018, 18-21 February 2018, Catamaran Resort Hotel & Spa in San Diego, California.
https://www.ndss-symposium.org/ndss2018/programme/
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
https://www.ndss-symposium.org/
#NDSS #NDSS18 #NDSS2018 #InternetSecurity
Видео NDSS 2018 Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing канала NDSS Symposium
05 Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing
SUMMARY
Memory errors are one of the most common vulnerabilities for the popularity of memory unsafe languages including C and C++. Once exploited, it can easily lead to system crash (i.e., denial-of-service attacks) or allow adversaries to fully compromise the victim system. This paper proposes MEDS, a practical memory error detector. MEDS signi cantly enhances its detection capability by approximating two ideal properties, called an in nite gap and an in nite heap. The approximated in nite gap of MEDS setups large inaccessible memory region between objects (i.e., 4 MB), and the approximated in nite heap allows MEDS to fully utilize virtual address space (i.e., 45-bits memory space). The key idea of MEDS in achieving these properties is a novel user-space memory allocation mechanism, MEDSALLOC. MEDSALLOC leverages a page aliasing mechanism, which allows MEDS to maximize the virtual memory space utilization but minimize the physical memory uses. To highlight the detection capability and practical impacts of MEDS, we evaluated and then compared to Google’s state-of-the-art detection tool, AddressSanitizer. MEDS showed three times better detection rates on four real-world vulnerabilities in Chrome and Firefox. More importantly, when used for a fuzz testing, MEDS was able to identify 68.3% more memory errors than AddressSanitizer for the same amount of a testing time, highlighting its practical aspects in the software testing area. In terms of performance overhead, MEDS slowed down 108% and 86% compared to native execution and AddressSanitizer, respectively, on real-world applications including Chrome, Firefox, Apache, Nginx, and OpenSSL.
SLIDES
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_05A-5_Han_Slides.pdf
PAPER
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_05A-5_Han_paper.pdf
SLIDES
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/03/NDSS2018_05A-5_Han_Slides.pdf
AUTHORS
Wookhyun Han (KAIST)
Byunggill Joe (KAIST), Byoungyoung Lee (Purdue University)
Chengyu Song (University of California, Riverside)
Insik Shin (KAIST)
Network and Distributed System Security (NDSS) Symposium 2018, 18-21 February 2018, Catamaran Resort Hotel & Spa in San Diego, California.
https://www.ndss-symposium.org/ndss2018/programme/
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
https://www.ndss-symposium.org/
#NDSS #NDSS18 #NDSS2018 #InternetSecurity
Видео NDSS 2018 Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing канала NDSS Symposium
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
NDSS 2021 Practical Non-Interactive Searchable Encryption with Forward and Backward Privacy
NDSS 2020 SPEECHMINER Framework Investigating and Measuring Speculative Execution Vulnerabilities
NDSS 2020 Genotype Extraction and False Relative Attacks: Security Risks to Genealogy Services
NDSS 2020 Compliance Cautions: Security Issues Associated with U.S. Digital-Security Standards
NDSS 2020 Measuring the Deployment of Network Censorship Filters at Global Scale
NDSS 2021 SquirRL: Automating Attack Analysis on Blockchain Incentive Mechanisms with Deep Learning
NDSS 2021 WATSON: Abstracting Behaviors from Audit Logs via Aggregation of Contextual Semantics
NDSS 2021 All the Numbers are US: Large-scale Abuse of Contact Discovery in Mobile Messengers
NDSS 2021 As Strong As Its Weakest Link: How to Break Blockchain DApps at RPC Service
NDSS 2020 Et Tu Alexa? When Commodity WiFi Devices Turn into Adversarial Motion Sensors
NDSS 2022 AutoSec Demo #14: In-Vehicle Communication Using Named Data Networking
NDSS 2022 LASER - “Mind your own cryptocurrency!”
NDSS 2022 MADWeb - Chhoyhopper: A Moving Target Defense with IPv6
NDSS 2020 Closing Remarks
NDSS 2022 BAR - 30 Years into Scientific Binary Decompilation: What We Have Achieved and What We...
NDSS 2021 Screen Gleaning: Screen Reading TEMPEST Attack on Mobile Devices Exploiting a Side Channel
NDSS 2022 BAR - Beyond the C: Retargetable Decompilation using Neural Machine Translation
NDSS 2021 Processing Dangerous Paths – On Security and Privacy of the Portable Document Format
NDSS 2020 Decentralized Control: A Case Study of Russia
NDSS 2020 µRAI: Securing Embedded Systems with Return Address Integrity
NDSS 2020 ABSynthe: Automatic Blackbox Side-channel Synthesis on Commodity Microarchitectures