Balancing The Trinity of Security, Run-time, and Memory Overhead: A Case Study on Secure Heap Allocation
AS6 Level 2
SR4, AS6-02-06/07
Abstract:
Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages. While many solutions have been proposed, balancing security, run-time, and memory overhead (an impossible trinity) is hard. In this talk, I’ll discuss one way to balance the trinity by passing more semantics about the heap object to the allocator for it to make informed allocation decisions. More specifically, we propose a new notion of thread-, context-, and flow-sensitive “type”, SemaType, to capture the semantics and prototype a SemaType-based allocator that aims for the best trade-off amongst the impossible trinity. We further show how to improve security via stochastic allocation without excessive CPU and memory overhead (i.e., defence-in-depth). Evaluation shows that our new heap allocator offers strong and quantifiable security against UAF, runs even slightly faster than the default allocator, and incurs a memory overhead averaged from 41% to 84% on popular benchmarks.
Bio:
Dr. Meng Xu is an Assistant Professor in the Cheriton School of Computer Science at the University of Waterloo, Canada. His research is in the area of system and software security, with a focus on delivering high-quality solutions to practical security problems, especially in finding and patching vulnerabilities in critical computer systems. This usually includes research and development of automated program analysis / testing / verification tools that facilitate the security reasoning of critical programs.