About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
DIMVA 2019
Conference paper
Memory Categorization: Separating Attacker-Controlled Data
Abstract
Memory corruption attacks against software written in C or C++ are still prevalent and remain a significant cause of security breaches. Defenses providing full memory safety remain expensive, and leaner defenses only addressing control-flow data are insufficient. We introduce memory categorization, an approach to separate data based on attacker control to mitigate the exploitation of memory corruption vulnerabilities such as use-after-free and use-after-return. MemCat implements this approach by: (i) providing separate memory allocators for different data categories, (ii) categorizing the use of memory allocations, (iii) changing allocations to take advantage of the categorization. We demonstrate the effectiveness of MemCat in a case study on actual vulnerabilities in real-world programs. We further show that, although our prototype implementation causes a high overhead in two edge cases, in most cases the performance hit remains negligible, with a median overhead of less than 3% on the SPEC benchmark suite.