Download - DieHarder (CCS 2010, WOOT 2011)
UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science
Gene Novark & Emery Berger University of Massachusetts, Amherst
DIEHARDER: SECURING THE HEAP
[originally presented at CCS 2011]
UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science
DieHard: ProbabilisFc Memory Safety for C/C++ Programs [PLDI 2005]
Direct inspira4on for Windows 7’s Fault-‐Tolerant Heap (2009)
UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science
DieHard: ProbabilisFc Memory Safety for C/C++ Programs [PLDI 2005]
Direct inspira4on for Windows 7’s Fault-‐Tolerant Heap (2009)
14
15
16
17
20
23
24
25
26
27
28
29
30
31
32
sensitive data / metadata
33
All data / metadata sensitive
sensitive data / metadata
34
guard / unmapped page
35
guard / unmapped page
36
37
38
39
Address-‐space layout randomization
object free space
heap metadata
object free space prev. object
object size
heap metadata (GNU libc, others)
object free space
heap metadata
x
object free space
heap metadata
x
44
45
46
47
48
49
50
51
≈ 4-5 bits of entropy
52
53
Maximal entropy: log N bits (e.g., ≈ 25-30)
54
44.2 sec
44.2 sec 41.6 sec
UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science
Gene Novark & Emery Berger University of Massachusetts, Amherst
DIEHARDER: SECURING THE HEAP