Mitigating use-after-free attack using library considering size and number of freed memory

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

Original languageEnglish
Title of host publicationProceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages398-404
Number of pages7
ISBN (Electronic)9781538691847
DOIs
Publication statusPublished - Dec 26 2018
Event6th International Symposium on Computing and Networking Workshops, CANDARW 2018 - Takayama, Japan
Duration: Nov 27 2018Nov 30 2018

Publication series

NameProceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018

Conference

Conference6th International Symposium on Computing and Networking Workshops, CANDARW 2018
CountryJapan
CityTakayama
Period11/27/1811/30/18

Fingerprint

Attack
Data storage equipment
Vulnerability
Reuse
Libraries
Trigger
Software
Evaluation
Arbitrary
Demonstrate

Keywords

  • Dangling pointer
  • Memory allocation
  • Security
  • Use-After-Free

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Statistics, Probability and Uncertainty
  • Computer Science Applications

Cite this

Ban, Y., & Yamauchi, T. (2018). Mitigating use-after-free attack using library considering size and number of freed memory. In Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018 (pp. 398-404). [8590934] (Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDARW.2018.00080

Mitigating use-after-free attack using library considering size and number of freed memory. / Ban, Yuya; Yamauchi, Toshihiro.

Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 398-404 8590934 (Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Ban, Y & Yamauchi, T 2018, Mitigating use-after-free attack using library considering size and number of freed memory. in Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018., 8590934, Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, Institute of Electrical and Electronics Engineers Inc., pp. 398-404, 6th International Symposium on Computing and Networking Workshops, CANDARW 2018, Takayama, Japan, 11/27/18. https://doi.org/10.1109/CANDARW.2018.00080
Ban Y, Yamauchi T. Mitigating use-after-free attack using library considering size and number of freed memory. In Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018. Institute of Electrical and Electronics Engineers Inc. 2018. p. 398-404. 8590934. (Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018). https://doi.org/10.1109/CANDARW.2018.00080
Ban, Yuya ; Yamauchi, Toshihiro. / Mitigating use-after-free attack using library considering size and number of freed memory. Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 398-404 (Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018).
@inproceedings{751676fa47864b88a48c98e62deae3fd,
title = "Mitigating use-after-free attack using library considering size and number of freed memory",
abstract = "Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.",
keywords = "Dangling pointer, Memory allocation, Security, Use-After-Free",
author = "Yuya Ban and Toshihiro Yamauchi",
year = "2018",
month = "12",
day = "26",
doi = "10.1109/CANDARW.2018.00080",
language = "English",
series = "Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "398--404",
booktitle = "Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018",

}

TY - GEN

T1 - Mitigating use-after-free attack using library considering size and number of freed memory

AU - Ban, Yuya

AU - Yamauchi, Toshihiro

PY - 2018/12/26

Y1 - 2018/12/26

N2 - Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

AB - Use-after-free (UAF) vulnerabilities, are abused by exploiting a dangling pointer that refers to a freed memory, location and then executing arbitrary code. Vulnerabilities are caused by bugs in software programs, particularly large scale programs such as browsers. We had previously proposed HeapRevolver, which prohibits freed memory area from being reused for a certain period. HeapRevolver on Windows uses the number of freed memory areas that are prohibited for reuse as a trigger to release the freed memory area. Alternatively, HeapRevolver uses the number of the freed memory areas as a threshold for releasing freed memory. However, when the size of individual freed memory area is large, HeapRevolver on Windows increases the memory overhead. In this paper, we propose an improved HeapRevolver for Windows considering the size and number of the freed memory areas. The improved HeapRevolver prohibits the reuse of a certain number of freed memory areas at a given time by considering the size and number of freed memory areas as thresholds. Evaluation results demonstrate that the improved HeapRevolver can prevent attacks that exploit UAF vulnerabilities. Particularly, when the size of individual freed memory area is small in a program, HeapRevolver is effective in decreasing the attack success rate.

KW - Dangling pointer

KW - Memory allocation

KW - Security

KW - Use-After-Free

UR - http://www.scopus.com/inward/record.url?scp=85061448830&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85061448830&partnerID=8YFLogxK

U2 - 10.1109/CANDARW.2018.00080

DO - 10.1109/CANDARW.2018.00080

M3 - Conference contribution

AN - SCOPUS:85061448830

T3 - Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018

SP - 398

EP - 404

BT - Proceedings - 2018 6th International Symposium on Computing and Networking Workshops, CANDARW 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -