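@article{ME0279D34,
  title    = {Operating System Support-Based Prevention Mechanism for Use-After-Free Attacks on the {Glibc} Memory Allocator},
  author   = {Park, Chanyoung and Lee, Jaehyu and Kim, Daeyeon and Moon, Hyungon},
  journal  = {Journal of KIISE, JOK},
  year     = {2023},
  issn     = {2383-630X},
  doi      = {10.5626/JOK.2023.50.7.541},
  keywords = {dangling pointer, mark-and-sweep, operating system support},
  abstract = {Use-after-free is a longstanding memory safety problem that causes many security-critical software vulnerabilities. The importance of this problem has motivated the development of numerous mitigation and prevention mechanisms. A class of these mechanisms mimics garbage collectors to prevent use-after-free. The mechanisms delay freeing a heap chunk until they verify the absence of dangling pointers to the chunk. An earlier work, MarkUs, has demonstrated that this delayed-free approach could be implemented with relatively low overhead on many benchmarks. We go further in this direction and present MarKern, a delayed-free mechanism for use-after-free prevention backed by the operating system's kernel-level support. MarkKern discovers limitations caused by existing Mark-and-Sweep approach implemented only at the user level and solves them through kernel-level supports. Moreover, unlike existing approaches, MarkKern supports the glibc(GNU C Library) Allocator. MarKern addresses these problems with the help of kernel-level support, thereby preventing use-after-free for a program running with the glibc malloc with 18.50\% overhead in execution time on average(geometric mean).},
  internal-note = {author list was comma-separated in the export and has been split into Last, First form with " and "; the abstract spells the system both MarKern and MarkKern -- verify against the paper. volume/number/pages are not given; the DOI suggests them but they were not added here},
}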