Heap-based overflows are still not completely solved even after decades of research. This paper proposes Prober, a novel system aiming to detect and prevent heap overflows in the production environment. Prober leverages a key observation based on the analysis of dozens of real bugs: all heap overflows are related to arrays. Based on this observation, Prober only focuses on array-related heap objects, instead of all heap objects. Prober utilizes static analysis to label all susceptible call-stacks during the compilation, and then employs the page protection to detect any invalid accesses during the runtime. In addition to this, Prober integrates multiple existing methods together to ensure the efficiency of its detection. Overall, Prober introduces almost negligible performance overhead, with 1.5% on average. Prober not only stops possible attacks on time, but also reports the faulty instructions that could guide bug fixes. Prober is ready for deployment due to its effectiveness and low overhead.
Thu 24 SepDisplayed time zone: (UTC) Coordinated Universal Time change
16:00 - 17:00 | |||
16:00 20mTalk | Prober: Practically Defending Overflows with Page Protection Research Papers Hongyu Liu Purdue University, Ruiqin Tian College of William and Mary, Bin Ren College of William and Mary, Tongping Liu University of Massachusetts Amherst | ||
16:20 20mTalk | MinerRay: Semantics-Aware Analysis for Ever-Evolving Cryptojacking Detection Research Papers Alan Romano University at Buffalo, SUNY, Yunhui Zheng IBM Research, Weihang Wang University at Buffalo, SUNY | ||
16:40 20mTalk | Summary-Based Symbolic Evaluation for Smart Contracts Research Papers Yu Feng University of California, Santa Barbara, Emina Torlak University of Washington, Rastislav BodÃk University of Washington | ||