Please use this identifier to cite or link to this item:
|Title:||Heap Taichi: Exploiting memory allocation granularity in heap-spraying attacks|
|Citation:||Ding, Y.,Wei, T.,Wang, T.,Liang, Z.,Zou, W. (2010). Heap Taichi: Exploiting memory allocation granularity in heap-spraying attacks. Proceedings - Annual Computer Security Applications Conference, ACSAC : 327-336. ScholarBank@NUS Repository. https://doi.org/10.1145/1920261.1920310|
|Abstract:||Heap spraying is an attack technique commonly used in hijacking browsers to download and execute malicious code. In this attack, attackers first fill a large portion of the victim process's heap with malicious code. Then they exploit a vulnerability to redirect the victim process's control to attackers' code on the heap. Because the location of the injected code is not exactly predictable, traditional heap-spraying attacks need to inject a huge amount of executable code to increase the chance of success. Injected executable code usually includes lots of NOP-like instructions leading to attackers' shellcode. Targeting this attack characteristic, previous solutions detect heap-spraying attacks by searching for the existence of such large amount of NOP sled and other shellcode. In this paper, we analyze the implication of modern operating systems' memory allocation granularity and present Heap Taichi, a new heap spraying technique exploiting the weakness in memory alignment. We describe four new heap object structures that can evade existing detection tools, as well as proof-of-concept heap-spraying code implementing our technique. Our research reveals that a large amount of NOP sleds is not necessary for a reliable heap-spraying attack. In our experiments, we showed that our heap-spraying attacks are a realistic threat by evading existing detection mechanisms. To detect and prevent the new heap-spraying attacks, we propose enhancement to existing approaches and propose to use finer memory allocation granularity at memory managers of all levels. We also studied the impact of our solution on system performance. © 2010 ACM.|
|Source Title:||Proceedings - Annual Computer Security Applications Conference, ACSAC|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Feb 12, 2019
checked on Jan 13, 2019
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.