GSRC Student Profile:
Research Overview: Lockdown: Automatic memory protection for C/C++ programs
Most applications make extensive use of system libraries that act as their interface to the outside world (like the C++ standard library or the socket library) or third-party libraries that act as sub-components of the application (like plugins in Adobe Acrobat or Mozilla Firefox). All of these libraries are convenient and frequent vectors for attack: because they run in the same address space as the application, they have full read and write access to all of the application's memory. Weaknesses in these libraries can allow corruption of the application's stack and heap via buffer overflows, and give an attacker control of the process. We present a runtime system called Lockdown which automatically isolates libraries from the main application and prevents a range of attacks resulting from invalid or unauthorized memory accesses.
|
