Abstract
Attacks on the heap are an increasingly severe threat. State-of-the-art secure dynamic memory allocators can offer protection, however their memory footprint is high, making them suboptimal in many situations. We introduce Slim-Guard, a secure allocator whose design is driven by memory efficiency. Among other features, SlimGuard uses an efficient fine-grain size classes indexing mechanism and implements a novel dynamic canary scheme. It offers a low memory overhead due its size classes optimized for canary usage, its on-demand metadata allocation, and the combination of randomized allocations and over-provisioning into a single memory efficient security feature. SlimGuard protects against widespread heap-related attacks such as overflows, over-reads, double/invalid free, and use-after-free. Evaluation over a wide range of applications shows that it offers a significant reduction in memory consumption compared to the state-of-the-art secure allocator (up to 2x in macro-benchmarks), while offering similar or better security guarantees and good performance.
| Original language | English |
|---|---|
| Title of host publication | Middleware '19: Proceedings of the 20th International Middleware Conference |
| Publisher | Association for Computing Machinery |
| Pages | 1-13 |
| ISBN (Electronic) | 978-1-4503-7009-7 |
| DOIs | |
| Publication status | Published - 9 Dec 2019 |
| Event | Middleware 2019 - UC Davis, Davis, United States Duration: 9 Dec 2019 → 13 Dec 2019 |
Conference
| Conference | Middleware 2019 |
|---|---|
| Country/Territory | United States |
| City | Davis |
| Period | 9/12/19 → 13/12/19 |