DOI: 10.1145/3634737.3644994
Research-article, Open access

ISLAB: Immutable Memory Management Metadata for Commodity Operating System Kernels

Published: 01 July 2024

Abstract

    Kernel memory allocators maintain several metadata structures optimized for efficiently managing system memory. However, existing implementations adopt either weak or no protection at all to ensure the integrity of said metadata in the presence of memory errors. In this paper, we first demonstrate how existing memory hardening schemes fall short against several in-kernel memory corruption scenarios. We then present ISLAB: a set of novel (slab-based) heap hardening techniques that aim to ensure the integrity of the memory managed by the kernel while minimizing the incurred runtime and memory overhead. ISLAB prevents memory corruption exploits by segregating metadata from within corruptible memory objects into shadow memory. It also relies on a novel SMAP-assisted memory isolation framework, called kSMAP, to protect allocator metadata against adversaries with stronger memory access capabilities. We implemented and evaluated ISLAB atop SLUB, the default slab allocator in Linux, and equipped it with kSMAP to protect process credentials, a popular target in kernel exploitation. Our experiments show that ISLAB incurs no runtime overhead in realistic benchmarks, and moderate overhead in stress tests. Lastly, we show how ISLAB's approach can be generalized to protect the integrity of other kernel subsystems that use corruptible metadata for memory management, such as linked lists.
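
The metadata segregation described in the abstract can be illustrated with a toy user-space slab. This is an added example, not code from the paper and not ISLAB's implementation: it compares free-list links stored inside free objects with links kept in a separate shadow array when a buggy write hits a freed object. All names, sizes and the index-based layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy user-space model; all names and sizes are constructed for illustration. */
#define NOBJ     8
#define OBJ_SIZE 32
#define NONE     0xffffffffu

struct slab {
    uint8_t  mem[NOBJ][OBJ_SIZE]; /* object memory: reachable by buggy writes */
    uint32_t shadow_next[NOBJ];   /* out-of-band free-list links (shadow mode) */
    uint32_t head;                /* index of first free object, or NONE */
    int      shadow;              /* 0: links live inside free objects, 1: in shadow */
};

static uint32_t get_next(const struct slab *s, uint32_t i) {
    uint32_t n;
    if (s->shadow)
        return s->shadow_next[i];
    memcpy(&n, s->mem[i], sizeof n);   /* in-band: link is the object's first word */
    return n;
}

static void set_next(struct slab *s, uint32_t i, uint32_t n) {
    if (s->shadow)
        s->shadow_next[i] = n;
    else
        memcpy(s->mem[i], &n, sizeof n);
}

void slab_init(struct slab *s, int shadow) {
    memset(s, 0, sizeof *s);
    s->shadow = shadow;
    for (uint32_t i = 0; i < NOBJ; i++)
        set_next(s, i, i + 1 < NOBJ ? i + 1 : NONE);
    s->head = 0;
}

uint32_t slab_alloc(struct slab *s) {
    uint32_t i = s->head;
    if (i >= NOBJ)
        return NONE;                   /* empty list or out-of-range link */
    s->head = get_next(s, i);
    return i;
}

void slab_free(struct slab *s, uint32_t i) {
    set_next(s, i, s->head);
    s->head = i;
}

/* Models a memory error: a write through a dangling reference to object i. */
void stale_write(struct slab *s, uint32_t i, uint32_t value) {
    memcpy(s->mem[i], &value, sizeof value);
}

/* Returns the object handed out right after the corrupted one is reused. */
uint32_t alloc_after_corruption(int shadow) {
    struct slab s;
    slab_init(&s, shadow);
    uint32_t x = slab_alloc(&s);   /* object 0 */
    uint32_t y = slab_alloc(&s);   /* object 1, stays in use */
    slab_free(&s, x);              /* x is free, a stale reference remains */
    stale_write(&s, x, y);         /* bug overwrites the first word of x */
    (void)slab_alloc(&s);          /* x is handed out again */
    return slab_alloc(&s);         /* in-band: 1 (still owned); shadow: 2 */
}

int main(void) {
    printf("in-band links: next object = %u\n", (unsigned)alloc_after_corruption(0));
    printf("shadow links:  next object = %u\n", (unsigned)alloc_after_corruption(1));
    return 0;
}
```

Moving the links out of object memory only helps while the shadow array cannot be reached by the same write primitive, which is the gap the abstract assigns to kSMAP.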

        Published In

        ASIA CCS '24: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
        July 2024
        1987 pages
        ISBN: 9798400704826
        DOI: 10.1145/3634737

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Author Tags

        1. kernel hardening
        2. heap protection
        3. memory-metadata isolation

        Qualifiers

        • Research-article

        Conference

        ASIA CCS '24

        Acceptance Rates

        Overall Acceptance Rate 418 of 2,322 submissions, 18%
