SoK: Eternal War in Memory
Stony Brook University · University of California, Berkeley · +1 more institution
Abstract
Memory corruption bugs in software written in low-level languages like C or C++ are one of the oldest problems in computer security. The lack of safety in these languages allows attackers to alter the program's behavior or take full control over it by hijacking its control flow. This problem has existed for more than 30 years and a vast number of potential solutions have been proposed, yet memory corruption attacks continue to pose a serious threat. Real world exploits show that all currently deployed protections can be defeated. This paper sheds light on the primary reasons for this by describing attacks that succeed on today's systems. We systematize the current knowledge about various protection techniques…
Citation impact
- FWCI
- 57.82
- Percentile
- 100%
- References
- 93
Authors
4Topics & keywords
- Exploit
- Computer security
- Computer science
- Overhead (engineering)
- Multitude
- Risk analysis (engineering)
- Language change
- Control flow
- Peace, Justice and strong institutions
Funding
- NSNational Science FoundationAwards: 0842695, 0831298, CCF-0424422, CNS-0831298, 0424422, FA9550-09-1-0539, 0831501
- NNNational Natural Science Foundation of ChinaAward: 61003216
- DADefense Advanced Research Projects Agency
- OOOffice of Naval ResearchAwards: N000140911081, FA9550, N000140710928
- AFAir Force Office of Scientific ResearchAwards: FA9550-, FA9550-09-1-0539, FA9550