Naslov
SoK: Secure Memory Allocation

Autori
Novković, Bojan ; Golub, Marin

Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), ostalo

Skup
20th International Conference on Cryptology And Network Security

Mjesto i datum
Beč, Austrija, 13.12.2021. - 15.12.2021

Vrsta sudjelovanja
Predavanje

Vrsta recenzije
Međunarodna recenzija

Ključne riječi
Memory allocation ; Systems security ; Memory safety

Sažetak
Heap-related memory corruption vulnerabilities are a severe threat that continues to wreak havoc in widespread software despite a few decades of research. Research in hardening memory allocation yielded several proposed designs and a large number of techniques designed to mitigate common heap- related vulnerabilities. However, rigid performance requirements imposed by the majority of vulnerable workloads are a severe hindrance to the practical use of secure memory allocation techniques and systems. This paper aims to systematically analyze and classify all secure heap allocation techniques and systems implementing them, which emerged in the last two decades, and compare their performance to conventional systems. We provide a concise overview of heap-related vulnerabilities and construct a threat model to identify previously overlooked and unmitigated threats. We analyze the root causes of performance overheads observed in the existing literature and identify practical issues hindering the adoption of secure memory allocation systems in practice. We conduct fine-grained and coarse-grained benchmarks on real-life workloads and well-known benchmark suites to compare and analyze the overall performance of secure memory allocation systems to conventional ones. Using the aforementioned benchmark results, we compare different designs of secure memory allocation systems and provide guidelines for striking a balance between security and performance in future designs.

Izvorni jezik
Engleski

Znanstvena područja
Računarstvo

POVEZANOST RADA