Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks

Toshihiro Yamauchi, Yuta Ikegami

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Citations (Scopus)

Abstract

Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

Original languageEnglish
Title of host publicationNetwork and System Security - 10th International Conference, NSS 2016, Proceedings
PublisherSpringer Verlag
Pages219-234
Number of pages16
Volume9955 LNCS
ISBN (Print)9783319462974
DOIs
Publication statusPublished - 2016
Event10th International Conference on Network and System Security, NSS 2016 - Taipei, Taiwan, Province of China
Duration: Sep 28 2016Sep 30 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9955 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other10th International Conference on Network and System Security, NSS 2016
CountryTaiwan, Province of China
CityTaipei
Period9/28/169/30/16

Fingerprint

Timing
Attack
Data storage equipment
Vulnerability
Linux
Reuse
Evaluation

Keywords

  • Memory-reuse-prohibited library
  • System security
  • UAF attackprevention
  • Use-after-free (UAF) vulnerabilities

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Yamauchi, T., & Ikegami, Y. (2016). Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks. In Network and System Security - 10th International Conference, NSS 2016, Proceedings (Vol. 9955 LNCS, pp. 219-234). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9955 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-46298-1_15

Heaprevolver : Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks. / Yamauchi, Toshihiro; Ikegami, Yuta.

Network and System Security - 10th International Conference, NSS 2016, Proceedings. Vol. 9955 LNCS Springer Verlag, 2016. p. 219-234 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9955 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Yamauchi, T & Ikegami, Y 2016, Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks. in Network and System Security - 10th International Conference, NSS 2016, Proceedings. vol. 9955 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9955 LNCS, Springer Verlag, pp. 219-234, 10th International Conference on Network and System Security, NSS 2016, Taipei, Taiwan, Province of China, 9/28/16. https://doi.org/10.1007/978-3-319-46298-1_15
Yamauchi T, Ikegami Y. Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks. In Network and System Security - 10th International Conference, NSS 2016, Proceedings. Vol. 9955 LNCS. Springer Verlag. 2016. p. 219-234. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-46298-1_15
Yamauchi, Toshihiro ; Ikegami, Yuta. / Heaprevolver : Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks. Network and System Security - 10th International Conference, NSS 2016, Proceedings. Vol. 9955 LNCS Springer Verlag, 2016. pp. 219-234 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{9406e85a5b914074807481e2ef223152,
title = "Heaprevolver: Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks",
abstract = "Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.",
keywords = "Memory-reuse-prohibited library, System security, UAF attackprevention, Use-after-free (UAF) vulnerabilities",
author = "Toshihiro Yamauchi and Yuta Ikegami",
year = "2016",
doi = "10.1007/978-3-319-46298-1_15",
language = "English",
isbn = "9783319462974",
volume = "9955 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "219--234",
booktitle = "Network and System Security - 10th International Conference, NSS 2016, Proceedings",

}

TY - GEN

T1 - Heaprevolver

T2 - Delaying and randomizing timing of release of freed memory area to prevent use-after-free attacks

AU - Yamauchi, Toshihiro

AU - Ikegami, Yuta

PY - 2016

Y1 - 2016

N2 - Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

AB - Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

KW - Memory-reuse-prohibited library

KW - System security

KW - UAF attackprevention

KW - Use-after-free (UAF) vulnerabilities

UR - http://www.scopus.com/inward/record.url?scp=84989931385&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84989931385&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-46298-1_15

DO - 10.1007/978-3-319-46298-1_15

M3 - Conference contribution

AN - SCOPUS:84989931385

SN - 9783319462974

VL - 9955 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 219

EP - 234

BT - Network and System Security - 10th International Conference, NSS 2016, Proceedings

PB - Springer Verlag

ER -