+ All Categories

Download - DieHarder (CCS 2010, WOOT 2011)

Transcript
Page 1: DieHarder (CCS 2010, WOOT 2011)

UNIVERSITY  OF  MASSACHUSETTS,  AMHERST    •    Department  of  Computer  Science  

Gene  Novark  &  Emery  Berger  University  of  Massachusetts,  Amherst  

DIEHARDER:  SECURING  THE  HEAP    

[originally  presented  at  CCS  2011]  

Page 2: DieHarder (CCS 2010, WOOT 2011)

UNIVERSITY  OF  MASSACHUSETTS,  AMHERST    •    Department  of  Computer  Science  

DieHard:  ProbabilisFc  Memory  Safety  for  C/C++  Programs  [PLDI  2005]  

Direct  inspira4on  for  Windows  7’s  Fault-­‐Tolerant  Heap  (2009)  

Page 3: DieHarder (CCS 2010, WOOT 2011)

UNIVERSITY  OF  MASSACHUSETTS,  AMHERST    •    Department  of  Computer  Science  

DieHard:  ProbabilisFc  Memory  Safety  for  C/C++  Programs  [PLDI  2005]  

Direct  inspira4on  for  Windows  7’s  Fault-­‐Tolerant  Heap  (2009)  

Page 4: DieHarder (CCS 2010, WOOT 2011)
Page 5: DieHarder (CCS 2010, WOOT 2011)
Page 6: DieHarder (CCS 2010, WOOT 2011)
Page 7: DieHarder (CCS 2010, WOOT 2011)
Page 8: DieHarder (CCS 2010, WOOT 2011)
Page 9: DieHarder (CCS 2010, WOOT 2011)
Page 10: DieHarder (CCS 2010, WOOT 2011)
Page 11: DieHarder (CCS 2010, WOOT 2011)
Page 12: DieHarder (CCS 2010, WOOT 2011)
Page 13: DieHarder (CCS 2010, WOOT 2011)
Page 14: DieHarder (CCS 2010, WOOT 2011)

14  

Page 15: DieHarder (CCS 2010, WOOT 2011)

15  

Page 16: DieHarder (CCS 2010, WOOT 2011)

16  

Page 17: DieHarder (CCS 2010, WOOT 2011)

17  

Page 18: DieHarder (CCS 2010, WOOT 2011)
Page 19: DieHarder (CCS 2010, WOOT 2011)
Page 20: DieHarder (CCS 2010, WOOT 2011)

20  

Page 21: DieHarder (CCS 2010, WOOT 2011)
Page 22: DieHarder (CCS 2010, WOOT 2011)
Page 23: DieHarder (CCS 2010, WOOT 2011)

23  

Page 24: DieHarder (CCS 2010, WOOT 2011)

24  

Page 25: DieHarder (CCS 2010, WOOT 2011)

25  

Page 26: DieHarder (CCS 2010, WOOT 2011)

26  

Page 27: DieHarder (CCS 2010, WOOT 2011)

27  

Page 28: DieHarder (CCS 2010, WOOT 2011)

28  

Page 29: DieHarder (CCS 2010, WOOT 2011)

29  

Page 30: DieHarder (CCS 2010, WOOT 2011)

30  

Page 31: DieHarder (CCS 2010, WOOT 2011)

31  

Page 32: DieHarder (CCS 2010, WOOT 2011)

32  

sensitive  data  /  metadata  

Page 33: DieHarder (CCS 2010, WOOT 2011)

33  

All data / metadata sensitive

sensitive  data  /  metadata  

Page 34: DieHarder (CCS 2010, WOOT 2011)

34  

guard  /  unmapped  page  

Page 35: DieHarder (CCS 2010, WOOT 2011)

35  

guard  /  unmapped  page  

Page 36: DieHarder (CCS 2010, WOOT 2011)

36  

Page 37: DieHarder (CCS 2010, WOOT 2011)

37  

Page 38: DieHarder (CCS 2010, WOOT 2011)

38  

Page 39: DieHarder (CCS 2010, WOOT 2011)

39  

Address-­‐space  layout  randomization  

Page 40: DieHarder (CCS 2010, WOOT 2011)

object free space

heap metadata

Page 41: DieHarder (CCS 2010, WOOT 2011)

object free space prev. object

object size

heap  metadata  (GNU  libc,  others)  

Page 42: DieHarder (CCS 2010, WOOT 2011)

object free space

heap metadata

x

Page 43: DieHarder (CCS 2010, WOOT 2011)

object free space

heap metadata

x

Page 44: DieHarder (CCS 2010, WOOT 2011)

44  

Page 45: DieHarder (CCS 2010, WOOT 2011)

45  

Page 46: DieHarder (CCS 2010, WOOT 2011)

46  

Page 47: DieHarder (CCS 2010, WOOT 2011)

47  

Page 48: DieHarder (CCS 2010, WOOT 2011)

48  

Page 49: DieHarder (CCS 2010, WOOT 2011)

49  

Page 50: DieHarder (CCS 2010, WOOT 2011)

50  

Page 51: DieHarder (CCS 2010, WOOT 2011)

51  

≈ 4-5 bits of entropy

Page 52: DieHarder (CCS 2010, WOOT 2011)

52  

Page 53: DieHarder (CCS 2010, WOOT 2011)

53  

Maximal entropy: log N bits (e.g., ≈ 25-30)

Page 54: DieHarder (CCS 2010, WOOT 2011)

54  

Page 55: DieHarder (CCS 2010, WOOT 2011)
Page 56: DieHarder (CCS 2010, WOOT 2011)
Page 57: DieHarder (CCS 2010, WOOT 2011)

44.2 sec

Page 58: DieHarder (CCS 2010, WOOT 2011)

44.2 sec 41.6 sec

Page 59: DieHarder (CCS 2010, WOOT 2011)

UNIVERSITY  OF  MASSACHUSETTS,  AMHERST    •    Department  of  Computer  Science  

Gene  Novark  &  Emery  Berger  University  of  Massachusetts,  Amherst  

DIEHARDER:  SECURING  THE  HEAP    


Top Related
Migrating CCS 1.2 Projects to CCS 2.0
Migrating CCS 1.2 Projects to CCS 2.0

Documents

Maria Ward, MEd, RHIT, CCS, CCS-P Director of HIM …campus.ahima.org/audio/2017/CCSchat01.pdf · © 2017 CCS Virtual Exam Prep Chat Maria Ward, MEd, RHIT, CCS, CCS-P Director of
Maria Ward, MEd, RHIT, CCS, CCS-P Director of HIM …campus.ahima.org/audio/2017/CCSchat01.pdf · © 2017 CCS Virtual Exam Prep Chat Maria Ward, MEd, RHIT, CCS, CCS-P Director of

Documents

W10 CCS Pulmonary Embolism CCS 2011
W10 CCS Pulmonary Embolism CCS 2011

Documents

KIERAN C WOOT WOOT 4
KIERAN C WOOT WOOT 4

Education

Inbound Marketing Keynote at Woot Con - Mike Volpe, HubSpot
Inbound Marketing Keynote at Woot Con - Mike Volpe, HubSpot

Business

CCS/REEBOK TRACK CCS/REEBOK TRACK
CCS/REEBOK TRACK CCS/REEBOK TRACK

Documents

GLOBAL CCS INSTITUTE Knowledge Sharing and CCS Projects
GLOBAL CCS INSTITUTE Knowledge Sharing and CCS Projects

Documents

DieHarder : Securing the Heap
DieHarder : Securing the Heap

Documents