TY - GEN
T1 - Position Paper: Towards a Hybrid Approach to Protect Against Memory Safety Vulnerabilities
AU - Alshmrany, Kaled
AU - Bhayat, Ahmed
AU - Brauße, Franz
AU - Cordeiro, Lucas
AU - Korovin, Konstantin
AU - Melham, Tom
AU - Mustafa, Mustafa A.
AU - Olivier, Pierre
AU - Reger, Giles
AU - Shmarov, Fedor
PY - 2022/8/30
Y1 - 2022/8/30
N2 - Memory corruption bugs continue to plague lowlevel systems software, generally written in unsafe programming languages. In order to detect and protect against such exploits, many pre- and post-deployment techniques exist. In this position paper, we propose and motivate the need for a hybrid approach for the protection against memory safety vulnerabilities, combining techniques that can identify the presence (and absence) of vulnerabilities pre-deployment with those that can detect and mitigate such vulnerabilities post-deployment. Our proposed hybrid approach involves three layers: hardware runtime protection provided by capability hardware, software runtime protection provided by compiler instrumentation, and static analysis provided by bounded model checking and symbolic execution. The key aspect of the proposed hybrid approach is that the protection offered is greater than the sum of its parts – the expense of postdeployment runtime checks is potentially reduced via information obtained during pre-deployment analysis. During pre-deployment analysis, static checking can be guided by runtime information.
AB - Memory corruption bugs continue to plague lowlevel systems software, generally written in unsafe programming languages. In order to detect and protect against such exploits, many pre- and post-deployment techniques exist. In this position paper, we propose and motivate the need for a hybrid approach for the protection against memory safety vulnerabilities, combining techniques that can identify the presence (and absence) of vulnerabilities pre-deployment with those that can detect and mitigate such vulnerabilities post-deployment. Our proposed hybrid approach involves three layers: hardware runtime protection provided by capability hardware, software runtime protection provided by compiler instrumentation, and static analysis provided by bounded model checking and symbolic execution. The key aspect of the proposed hybrid approach is that the protection offered is greater than the sum of its parts – the expense of postdeployment runtime checks is potentially reduced via information obtained during pre-deployment analysis. During pre-deployment analysis, static checking can be guided by runtime information.
M3 - Conference contribution
BT - IEEE Secure Development Conference
ER -