Elimination of Memory Disclosure Attacks Using Data Isolation

doi:10.3969/j.issn.1006-2475.2016.02.017

Abstract

Abstract: As more and more memory-disclosure bugs been discovered, it’s important to protect memory safety. Nowadays mainstream of this field prefers enforcing memory isolation to protect memory safety. However, none of them can achieve a fine-grained protection while easy-to-deploy solution since most solutions requires manually modification to source code, or they enforce memory isolation in a coarse-grained way. We present a novel method, which can traces and collects all possible operations that access the sensitive data in runtime, and can perform automatically code transformation during compilation. Our solution do not require manually modification, and evaluation shows that we can efficiently eliminate memory disclosure attacks, such as Heartbleed, found in OpenSSL. Meanwhile, the overhead of compilation and memory cost are lower than 1%.

Key words: memory disclosure attacks, memory data isolation

CHEN Ke-xin, LIU Yu-tao. Elimination of Memory Disclosure Attacks Using Data Isolation[J]. Computer and Modernization, 2016, 0(2): 75-81.

References

［1］ George C Necula, Scott McPeak, Shree P Rahul, et al. CIL: Intermediate language and tools for analysis and transformation of C programs［C］// Conference on Compiler Construction. 2002:213-228.
［2］ Nick S. Answering the Critical Question: Can You Get Private SSL Keys Using Heartbleed? ［EB/OL］. https://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed/, 2014-04-11.
［3］ Indutny. Cracking Cloudflare’s Heartbleed Challenging［EB/OL］. http://darksi.de/9.heartbleed/, 2014-04-15.
［4］ Owen H, Sangman K, Alan D, et al. InkTag: Secure applications on an untrusted operating system［J］. ACM SIGPLAN Notices, 2013,48(4):265-278.
［5］ Jonh G. Searching for The Prime Suspect: How Heartbleed Leaked Private Keys［EB/OL］. https://blog.cloudflare.com/searching-for-the-prime-suspect-how-heartbleed-leaked-private-keys/, 2014-04-27.
［6］ Liu Yutao, Zhou Tianyu, Chen Kexin, et al. Thwarting memory disclosure 〖HJ1.75mm〗with efficient hypervisor-enforced intra-domain isolation［C］// Proceedings of the 22th ACM Conference on Computer and Communications Security. 2015.
［7］ Andrew B, Marcus P, Galen H. Shielding applications from an untrusted cloud with haven［C］// The 11th USENIX Symposium on Operating Systems Design and Implementation. 2014.
［8］ Criswell J, Dautenhahn N, Adve V. Virtual ghost: Protecting applications from hostile operating systems［C］// Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems. 2014.
［9］ Steve C. 2011 CWE/SANS Top 25 Most Dangerous Software Errors［EB/OL］.http://cwe.mitre.org/top25/, 2011-09-13.
［10］Akamai Technology.Akamai［EB/OL］. http://www.akamai.cn/enzs/, 2015-12-16.
［11］Evtyushkin D, Elwell J, Ozsoy M, et al. Iso-X: A flexible architecture for hardware-managed isolated execution［C］// Proceedings of the Annual International Symposium on Microarchitecture. 2015:190-202.
［12］Akamai Technology. Secure heap patch for OpenSSL heartbleed vulnerability［ED/OL］. http://www.mail-archive.com/openssl-users@openssl.org/msg73503.html, 2015-12-16.
［13］Yang J, Shin K G. Using hypervisor to provide data secrecy for user applications on a per-page basis［C］// Proceedings of the 4th International Conference on Virtual Execution Environments. 2008:71-80.
［14］The Heartbleed Bug［EB/OL］.http://heartbleed.com/, 2014-04-29.
［15］Popularity contest statistics for OpenSSL［EB/OL］. https://qa.debian.org/popcon.php?package=openssl, 2015-12-30.
［16］Novark G, Berger E D. Dieharder:Securing the heap［C］// Proceedings of the 17th ACM Conference on Computer and Communications Security. 2010:573-584.
［17］Chen X, Garfinkel T, Lewis E C, et al. Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems［C］// Proceedings of the 13th International Conference on Architectural Support for 〖JP4〗Programming Languages and Operating Systems. 2008,42:2-13.
［18］Brumley D, Song D. Privtrans: Automatically partitioning programs for privilege separation［C］// Proceedings of the 13th USENIX Security Symposium. 2004:57-72.
［19］David A W. How to Prevent the Next Heartbleed［EB/OL］. http://www.dwheeler.com/essays/heartbleed.html, 2014-04-29.
［20］OpenWrt. OpenSSL Benchmarks［EB/OL］.https://wiki.openwrt.org/inbox/benchmark.openssl, 2015-12-30.
［21］McCune J M, Li Y, Qu N, et al. TrustVisor: Efficient TCB reduction and attestation［C］// IEEE Symposium on Security and Privacy-S&P. 2010:143-158.
［22］Kerneis. The CIL Driver［ED/OL］. http://www.cs.berkekey.edu/~necula/cil/cil007.html, 2015-12-16.
［23］Chen Haibo, Chen Jieyun, Mao Wenbo, et al. Daonity-grid security from two levels of virtualization［J］. Information Security Technical Report, 2007,12(3):123-138.
［24］Chen Haibo, Zhang Fengzhe, Chen Cheng, et al. Tamper-resistant Execution in an Untrusted Operating System Using a Virtual Machine Monitor［R］. Technical Report, FDUPPITR-2007-0801, 2007.
［25］RSA Algorithm［EB/OL］. https://en.wikipedia.org/wiki/RSA, 2015-12-30.