FreeGuard: A Faster Secure Heap Allocator

Date
2017-10-30
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
ACM
Abstract
In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators are designed with very limited countermeasures against attacks, but secure allocators generally suffer from significant performance overhead, e.g., running up to 10x slower. This paper, therefore, introduces FreeGuard, a secure memory allocator that prevents or reduces a wide range of heap-related security attacks, such as heap overflows, heap over-reads, use-after-frees, as well as double and invalid frees. FreeGuard has similar performance to the default Linux allocator, with less than 2% overhead on average, but provides significant improvement to security guarantees.
Description
Keywords
Software and its engineering, Security and privacy
Citation
Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, and Tongping Liu. 2017. FreeGuard: A Faster Secure Heap Allocator. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS '17). Association for Computing Machinery, New York, NY, USA, 2389–2403. https://doi.org/10.1145/3133956.3133957
URI
https://hdl.handle.net/20.500.14216/1078
DOI
https://doi.org/10.1145/3133956.3133957
Collections
Works of Scholarship