SlimGuard: A Secure and Memory-Efficient Heap Allocator

Beichen Liu, Pierre Olivier, Binoy Ravindran

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


Attacks on the heap are an increasingly severe threat. State-of-the-art secure dynamic memory allocators can offer protection, however their memory footprint is high, making them suboptimal in many situations. We introduce Slim-Guard, a secure allocator whose design is driven by memory efficiency. Among other features, SlimGuard uses an efficient fine-grain size classes indexing mechanism and implements a novel dynamic canary scheme. It offers a low memory overhead due its size classes optimized for canary usage, its on-demand metadata allocation, and the combination of randomized allocations and over-provisioning into a single memory efficient security feature. SlimGuard protects against widespread heap-related attacks such as overflows, over-reads, double/invalid free, and use-after-free. Evaluation over a wide range of applications shows that it offers a significant reduction in memory consumption compared to the state-of-the-art secure allocator (up to 2x in macro-benchmarks), while offering similar or better security guarantees and good performance.
Original languageEnglish
Title of host publicationMiddleware '19: Proceedings of the 20th International Middleware Conference
PublisherAssociation for Computing Machinery
ISBN (Electronic)978-1-4503-7009-7
Publication statusPublished - 9 Dec 2019
EventMiddleware 2019 - UC Davis, Davis, United States
Duration: 9 Dec 201913 Dec 2019


ConferenceMiddleware 2019
Country/TerritoryUnited States


Dive into the research topics of 'SlimGuard: A Secure and Memory-Efficient Heap Allocator'. Together they form a unique fingerprint.

Cite this