Abstract
Heap-based buffer overflows are a dangerous class of vulnerability. One countermeasure is randomizing the location of heap memory blocks. Existing techniques segregate the address space into clusters, each of which is used exclusively for one block size. This approach requires reserving a large amount of address space and results in lower location randomization for larger blocks.
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Tey, C.M., Gao, D. (2013). Defending against Heap Overflow by Using Randomization in Nested Virtual Clusters. In: Qing, S., Zhou, J., Liu, D. (eds) Information and Communications Security. ICICS 2013. Lecture Notes in Computer Science, vol 8233. Springer, Cham. https://doi.org/10.1007/978-3-319-02726-5_1
DOI: https://doi.org/10.1007/978-3-319-02726-5_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02725-8
Online ISBN: 978-3-319-02726-5
eBook Packages: Computer Science, Computer Science (R0)