标签保护:一种有效的、动态的越界内存访问检测方法

Proceedings of the Third Workshop on Cryptography and Security in Computing Systems Pub Date : 2016-01-20 DOI:10.1145/2858930.2858936

A. Saeed, A. Ahmadinia, Mike Just

{"title":"标签保护:一种有效的、动态的越界内存访问检测方法","authors":"A. Saeed, A. Ahmadinia, Mike Just","doi":"10.1145/2858930.2858936","DOIUrl":null,"url":null,"abstract":"Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A light-weight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application's source code at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, Runtime Intrusion Prevention Evaluator (RIPE), detecting all the bugs successfully. The performance and memory overhead is further analysed by instrumenting and executing real world applications.","PeriodicalId":104042,"journal":{"name":"Proceedings of the Third Workshop on Cryptography and Security in Computing Systems","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Tag-Protector: An Effective and Dynamic Detection of Out-of-bound Memory Accesses\",\"authors\":\"A. Saeed, A. Ahmadinia, Mike Just\",\"doi\":\"10.1145/2858930.2858936\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A light-weight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application's source code at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, Runtime Intrusion Prevention Evaluator (RIPE), detecting all the bugs successfully. The performance and memory overhead is further analysed by instrumenting and executing real world applications.\",\"PeriodicalId\":104042,\"journal\":{\"name\":\"Proceedings of the Third Workshop on Cryptography and Security in Computing Systems\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-01-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the Third Workshop on Cryptography and Security in Computing Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2858930.2858936\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Third Workshop on Cryptography and Security in Computing Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2858930.2858936","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

允许通过指针立即访问内存的编程语言通常会导致应用程序出现与内存相关的错误，这可能导致不可预测的故障和安全漏洞。在基于C/ c++的应用程序中，提出了一种轻量级的动态处理非法内存访问的解决方案。我们提出了一种新的、有效的方法，在编译时检测应用程序的源代码，以检测超出边界的内存访问。它基于创建标记，与每个内存分配相结合，然后为每次对内存的访问放置额外的标记检查指令。通过测试来自BugBench基准测试套件和公开可用的基准测试软件Runtime Intrusion Prevention Evaluator (RIPE)的应用程序，对所提出的解决方案进行了评估，成功检测出所有错误。通过检测和执行实际应用程序，进一步分析性能和内存开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Tag-Protector: An Effective and Dynamic Detection of Out-of-bound Memory Accesses

Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. A light-weight solution is presented in this paper to tackle such illegal memory accesses dynamically in C/C++ based applications. We propose a new and effective method of instrumenting an application's source code at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. The proposed solution is evaluated by instrumenting applications from the BugBench benchmark suite and publicly available benchmark software, Runtime Intrusion Prevention Evaluator (RIPE), detecting all the bugs successfully. The performance and memory overhead is further analysed by instrumenting and executing real world applications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the Third Workshop on Cryptography and Security in Computing Systems

自引率

0.00%

发文量