HeapRevolver: Delaying and Randomizing Timing of Release of Freed Memory Area to Prevent Use-After-Free Attacks. - Citegraph

Paper Info

Title
HeapRevolver: Delaying and Randomizing Timing of Release of Freed Memory Area to Prevent Use-After-Free Attacks.

Abstract
Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attack-prevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small.

Year	DOI	Venue
2016	10.1007/978-3-319-46298-1_15	Lecture Notes in Computer Science
Keywords	Field	DocType
Use-after-free (UAF) vulnerabilities,UAF attack-prevention,Memory-reuse-prohibited library,System security	Computer science,Computer security,Computer network,Exploit,Dangling pointer	Conference
Volume	ISSN	Citations
9955	0302-9743	3
PageRank	References	Authors
0.44	7	2

Authors (2 rows)

Cited by (3 rows)

References (7 rows)

Name	Order	Citations	PageRank
Toshihiro Yamauchi	1	17	9.39
Yuta Ikegami	2	3	0.44

1