Master’s Thesis Presentation • Cryptography, Security, and Privacy (CrySP) • Efficient Memory Allocator for Restricting Use-After-Free ExploitationsExport this event to calendar

Tuesday, June 18, 2024 — 11:00 AM to 12:00 PM EDT

Please note: This master’s thesis presentation will take place online.

Ruizhe Wang, Master’s candidate
David R. Cheriton School of Computer Science

Supervisors: Professors N. Asokan, Meng Xu

Attacks on heap memory, encompassing memory overflow, double and invalid free, use-after-free (UAF), and various heap-spraying techniques are ever-increasing. Existing secure memory allocators can be generally classified as complete UAF-mitigating allocators that focus on detecting and stopping UAF attacks, type-based allocators that limit type confusion, and entropy-based allocators that provide statistical defenses against virtually all of these attack vectors. In this thesis, I introduce two novel approaches, SEMalloc and S2Malloc, of type- and entropy-based allocator, respectively. Both allocators are designed to restrict the attacker’s ability, that can significantly increase the security level without introducing excessive overheads.

SEMalloc proposes a new notion of thread-, context-, and flow-sensitive ‘type’, textttSemaType, to capture the semantics and prototype a textttSemaType-based allocator that aims for the best trade-off amongst the impossible trinity. In SEMalloc, only heap objects allocated from the same call site and via the same function call stack can possibly share a virtual memory address, which effectively stops type-confusion attacks and make UAF vulnerabilities harder to exploit.

S2Malloc aims to enhance UAF-attempt detection without compromising other security guarantees or introducing significant overhead. We use three innovative constructs in secure allocator design: textbffree block canaries (FBC) to detect UAF attempts, textbfrandom in-block offset (RIO) to stop the attacker from accurately overwriting the victim object, and textbfrandom bag layout (RBL) to impede attackers from estimating the block size based on its address.

This thesis demonstrates the importance of memory security and highlights the potential of more secure and efficient memory allocation by constraining attacker actions.


To attend this master’s thesis presentation on Zoom, please go to https://uwaterloo.zoom.us/j/2973410881.

Location 
Online master’s thesis presentation
200 University Ave West

Waterloo, ON N2L 3G1
Canada
Event tags 

S M T W T F S
26
27
28
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
1
2
3
4
5
6
  1. 2024 (163)
    1. August (2)
    2. July (3)
    3. June (17)
    4. May (23)
    5. April (41)
    6. March (27)
    7. February (25)
    8. January (25)
  2. 2023 (296)
    1. December (20)
    2. November (28)
    3. October (15)
    4. September (25)
    5. August (30)
    6. July (30)
    7. June (22)
    8. May (23)
    9. April (32)
    10. March (31)
    11. February (18)
    12. January (22)
  3. 2022 (245)
  4. 2021 (210)
  5. 2020 (217)
  6. 2019 (255)
  7. 2018 (217)
  8. 2017 (36)
  9. 2016 (21)
  10. 2015 (36)
  11. 2014 (33)
  12. 2013 (23)
  13. 2012 (4)
  14. 2011 (1)
  15. 2010 (1)
  16. 2009 (1)
  17. 2008 (1)