DieHarder (CCS 2010, WOOT 2011)

•

0 likes•540 views

Heap-based attacks depend on a combination of memory management errors and an exploitable memory allocator. Many allocators include ad hoc countermeasures against particular exploits, but their effectiveness against future exploits has been uncertain. This paper presents the first formal treatment of the impact of allocator design on security. It analyzes a range of widely-deployed memory allocators, including those used by Windows, Linux, FreeBSD, and OpenBSD, and shows that they remain vulnerable to attack. It then presents DieHarder, a new allocator whose design was guided by this analysis. DieHarder provides the highest degree of security from heap-based attacks of any practical allocator of which we are aware, while imposing modest performance overhead. In particular, the Firefox web browser runs as fast with DieHarder as with the Linux allocator.

Education Technology

DIEHARDER:

SECURING
THE
HEAP

Gene
Novark
&
Emery
Berger

University
of
Massachusetts,

Amherst

[originally
presented
at
CCS
ASSACHUSETTS,
AMHERST

•

Department
of
Computer
Science

UNIVERSITY
OF
M 2011]

DieHard:
ProbabilisFc
Memory
Safety

for
C/C++
Programs
[PLDI
2005]

Direct
inspira4on

for
Windows
7’s

Fault-‐Tolerant

Heap
(2009)

UNIVERSITY
OF
MASSACHUSETTS,
AMHERST

•

Department
of
Computer
Science

DieHard:
ProbabilisFc
Memory
Safety

for
C/C++
Programs
[PLDI
2005]

Direct
inspira4on

for
Windows
7’s

Fault-‐Tolerant

Heap
(2009)

UNIVERSITY
OF
MASSACHUSETTS,
AMHERST

•

Department
of
Computer
Science

sensitive

data
/
metadata

32

sensitive

data
/
metadata

All data / metadata sensitive

33

guard
/
unmapped
page

34

guard
/
unmapped
page

35

Address-‐space
layout

randomization

39

object free space

heap metadata

prev. object
object free space
object size

heap metadata
(GNU libc, others)

object x free space

heap metadata

object x free space

heap metadata

≈ 4-5 bits of entropy

51

Maximal entropy:
log N bits (e.g., ≈ 25-30)

53

44.2 sec

44.2 sec 41.6 sec

DIEHARDER:

SECURING
THE
HEAP

Gene
Novark
&
Emery
Berger

University
of
Massachusetts,

Amherst

UNIVERSITY
OF
MASSACHUSETTS,
AMHERST

•

Department
of
Computer
Science

More Related Content

Viewers also liked

Salud y seguridad de los trabajadores del sector salud.pdf

Salud y seguridad de los trabajadores del sector salud.pdf

Salud y seguridad de los trabajadores del sector salud.pdf

Ana González Sánchez

15_11-18_PR_Traverse Announces Patent Issuance

15_11-18_PR_Traverse Announces Patent Issuance

15_11-18_PR_Traverse Announces Patent Issuance

Lab safety 12_10_13

Lab safety 12_10_13

Lab safety 12_10_13

Lectura taller virtual los dos gallos

Lectura taller virtual los dos gallos

Lectura taller virtual los dos gallos

Anzoategui Docente

How to Create Creative Commons Licensing Buttons for Your Website

How to Create Creative Commons Licensing Buttons for Your Website

How to Create Creative Commons Licensing Buttons for Your Website

Finding a job using social media

Finding a job using social media

Finding a job using social media

Intranet Future

Hands-On LinkedIn for Beginners

Hands-On LinkedIn for Beginners

Hands-On LinkedIn for Beginners

Paula Battalia Brand

The Impact of a Medical Device Recall

The Impact of a Medical Device Recall

The Impact of a Medical Device Recall

hidayath cv 2016

hidayath cv 2016

hidayath cv 2016

raja mohamed Hidayath

LINK UP - How your business can benefit from LinkedIn

LINK UP - How your business can benefit from LinkedIn

LINK UP - How your business can benefit from LinkedIn

Intranet Future

Securing the Infrastructure and the Workloads of Linux Containers

Securing the Infrastructure and the Workloads of Linux Containers

Securing the Infrastructure and the Workloads of Linux Containers

Massimiliano Mattetti

shahid shabbir cv

shahid shabbir cv

shahid shabbir cv

Walmart

Diana Marlen Ocote Hernandez

Banja Luka

Dr David Hancock

Presentacion de educación en México

Presentacion de educación en México

Presentacion de educación en México

mbrionessauceda

BNI Lake Business Builders- LOZ Vice President report

BNI Lake Business Builders- LOZ Vice President report

BNI Lake Business Builders- LOZ Vice President report

Viewers also liked (16)

Salud y seguridad de los trabajadores del sector salud.pdf

Salud y seguridad de los trabajadores del sector salud.pdf

Salud y seguridad de los trabajadores del sector salud.pdf

15_11-18_PR_Traverse Announces Patent Issuance

15_11-18_PR_Traverse Announces Patent Issuance

15_11-18_PR_Traverse Announces Patent Issuance

Lab safety 12_10_13

Lab safety 12_10_13

Lab safety 12_10_13

Lectura taller virtual los dos gallos

Lectura taller virtual los dos gallos

Lectura taller virtual los dos gallos

How to Create Creative Commons Licensing Buttons for Your Website

How to Create Creative Commons Licensing Buttons for Your Website

How to Create Creative Commons Licensing Buttons for Your Website

Finding a job using social media

Finding a job using social media

Finding a job using social media

Hands-On LinkedIn for Beginners

Hands-On LinkedIn for Beginners

Hands-On LinkedIn for Beginners

The Impact of a Medical Device Recall

The Impact of a Medical Device Recall

The Impact of a Medical Device Recall

hidayath cv 2016

hidayath cv 2016

hidayath cv 2016

LINK UP - How your business can benefit from LinkedIn

LINK UP - How your business can benefit from LinkedIn

LINK UP - How your business can benefit from LinkedIn

Securing the Infrastructure and the Workloads of Linux Containers

Securing the Infrastructure and the Workloads of Linux Containers

Securing the Infrastructure and the Workloads of Linux Containers

shahid shabbir cv

shahid shabbir cv

shahid shabbir cv

Walmart

Banja Luka

Presentacion de educación en México

Presentacion de educación en México

Presentacion de educación en México

BNI Lake Business Builders- LOZ Vice President report

BNI Lake Business Builders- LOZ Vice President report

BNI Lake Business Builders- LOZ Vice President report

More from Emery Berger

Web browsers have become a de facto universal operating system, and JavaScript its instruction set. Unfortunately, running other languages in the browser is not generally possible. Translation to JavaScript is not enough because browsers are a hostile environment for other languages. Previous approaches are either non-portable or require extensive modifications for programs to work in a browser. This talk presents Doppio, a JavaScript-based runtime system that makes it possible to run unaltered applications written in general- purpose languages directly inside the browser. Doppio provides a wide range of runtime services, including a file system that enables local and external (cloud-based) storage, an unmanaged heap, sockets, blocking I/O, and multiple threads. We demonstrate Doppio's usefulness with two case studies: we extend Emscripten with Doppio, letting it run an unmodified C++ application in the browser with full functionality, and present DoppioJVM, an interpreter that runs unmodified JVM programs directly in the browser. While substantially slower than a native JVM, DoppioJVM makes it feasible to directly reuse existing, non compute-intensive code.

Doppio: Breaking the Browser Language Barrier

Doppio: Breaking the Browser Language Barrier

Doppio: Breaking the Browser Language Barrier

Dthreads is an efﬁcient deterministic multithreading system for unmodiﬁed C/C++ applications that replaces the pthreads library. Dthreads enforces determinism in the face of data races and deadlocks. It is easy to use: just link your program with -ldthread instead of -lpthread. Dthreads can be downloaded from its source code repo on GitHub (https://github.com/plasma-umass/dthreads). A technical paper describing Dthreads appeared at SOSP 2012 (https://github.com/plasma-umass/dthreads/blob/master/doc/dthreads-sosp11.pdf?raw=true). Multithreaded programming is notoriously difficult to get right. A key problem is non-determinism, which complicates debugging, testing, and reproducing errors. One way to simplify multithreaded programming is to enforce deterministic execution, but current deterministic systems for C/C++ are incomplete or impractical. These systems require program modification, do not ensure determinism in the presence of data races, do not work with general-purpose multithreaded programs, or run up to 8.4× slower than pthreads. This talk presents Dthreads, an efficient deterministic multithreading system for unmodified C/C++ applications that replaces the pthreads library. Dthreads enforces determinism in the face of data races and deadlocks. Dthreads works by exploding multithreaded applications into multiple processes, with private, copy-on-write mappings to shared memory. It uses standard virtual memory protection to track writes, and deterministically orders updates by each thread. By separating updates from different threads, Dthreads has the additional benefit of eliminating false sharing. Experimental results show that Dthreads substantially outperforms a state-of-the-art deterministic runtime system, and for a majority of the benchmarks we evaluated, matches and occasionally exceeds the performance of pthreads.

Dthreads: Efficient Deterministic Multithreading

Dthreads: Efficient Deterministic Multithreading

Dthreads: Efficient Deterministic Multithreading

Humans can perform many tasks with ease that remain difficult or impossible for computers. Crowdsourcing platforms like Amazon's Mechanical Turk make it possible to harness human-based computational power on an unprecedented scale. However, their utility as a general-purpose computational platform remains limited. The lack of complete automation makes it difficult to orchestrate complex or interrelated tasks. Scheduling human workers to reduce latency costs real money, and jobs must be monitored and rescheduled when workers fail to complete their tasks. Furthermore, it is often difficult to predict the length of time and payment that should be budgeted for a given task. Finally, the results of human-based computations are not necessarily reliable, both because human skills and accuracy vary widely, and because workers have a financial incentive to minimize their effort. This talk presents AutoMan, the first fully automatic crowdprogramming system. AutoMan integrates human-based computations into a standard programming language as ordinary function calls, which can be intermixed freely with traditional functions. This abstraction allows AutoMan programmers to focus on their programming logic. An AutoMan program specifies a confidence level for the overall computation and a budget. The AutoMan runtime system then transparently manages all details necessary for scheduling, pricing, and quality control. AutoMan automatically schedules human tasks for each computation until it achieves the desired confidence level; monitors, reprices, and restarts human tasks as necessary; and maximizes parallelism across human workers while staying under budget. AutoMan is available for download at www.automan-lang.org.

Programming with People

Programming with People

Programming with People

Stabilizer: Statistically Sound Performance Evaluation

Stabilizer: Statistically Sound Performance Evaluation

Stabilizer: Statistically Sound Performance Evaluation

Operating Systems - Advanced File Systems

Operating Systems - Advanced File Systems

Operating Systems - Advanced File Systems

Operating Systems - File Systems

Operating Systems - File Systems

Operating Systems - File Systems

Operating Systems - Networks

Operating Systems - Networks

Operating Systems - Networks

Operating Systems - Queuing Systems

Operating Systems - Queuing Systems

Operating Systems - Queuing Systems

Operating Systems - Distributed Parallel Computing

Operating Systems - Distributed Parallel Computing

Operating Systems - Distributed Parallel Computing

Operating Systems - Concurrency

Operating Systems - Concurrency

Operating Systems - Concurrency

Operating Systems - Advanced Synchronization

Operating Systems - Advanced Synchronization

Operating Systems - Advanced Synchronization

Operating Systems - Synchronization

Operating Systems - Synchronization

Operating Systems - Synchronization

Processes and Threads

Processes and Threads

Processes and Threads

Virtual Memory and Paging

Virtual Memory and Paging

Virtual Memory and Paging

Operating Systems - Virtual Memory

Operating Systems - Virtual Memory

Operating Systems - Virtual Memory

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

Vam: A Locality-Improving Dynamic Memory Allocator

Vam: A Locality-Improving Dynamic Memory Allocator

Vam: A Locality-Improving Dynamic Memory Allocator

This talk answers an age-old question: is garbage collection faster/slower/the same speed as malloc/free? We introduce oracular memory management, an approach that lets us measure unaltered Java programs as if they used malloc and free. The result: a good GC can match the performance of a good allocator, but it takes 5X more space. If physical memory is tight, however, conventional garbage collectors suffer an order-of-magnitude performance penalty.

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Introduces bookmarking collection, a GC algorithm that works with the virtual memory manager to eliminate paging. Just before memory is paged out, the collector "bookmarks" the targets of pointers from the pages. Using these bookmarks, BC can perform full garbage collections without loading the pages back from disk. By performing in-memory garbage collections, BC can speed up Java programs by orders of magnitude (up to 41X).

Garbage Collection without Paging

Garbage Collection without Paging

Garbage Collection without Paging

DieHard uses randomization and replication to transparently make C and C++ programs tolerate a wide range of errors, including buffer overflows and dangling pointers. Instead of crashing or running amok, DieHard lets programs continue to run correctly in the face of memory errors with high probability. Using DieHard also makes programs highly resistant to heap-based hacker attacks. Downloadable at www.diehard-software.org.

DieHard: Probabilistic Memory Safety for Unsafe Languages

DieHard: Probabilistic Memory Safety for Unsafe Languages

DieHard: Probabilistic Memory Safety for Unsafe Languages

More from Emery Berger (20)

Doppio: Breaking the Browser Language Barrier

Doppio: Breaking the Browser Language Barrier

Doppio: Breaking the Browser Language Barrier

Dthreads: Efficient Deterministic Multithreading

Dthreads: Efficient Deterministic Multithreading

Dthreads: Efficient Deterministic Multithreading

Programming with People

Programming with People

Programming with People

Stabilizer: Statistically Sound Performance Evaluation

Stabilizer: Statistically Sound Performance Evaluation

Stabilizer: Statistically Sound Performance Evaluation

Operating Systems - Advanced File Systems

Operating Systems - Advanced File Systems

Operating Systems - Advanced File Systems

Operating Systems - File Systems

Operating Systems - File Systems

Operating Systems - File Systems

Operating Systems - Networks

Operating Systems - Networks

Operating Systems - Networks

Operating Systems - Queuing Systems

Operating Systems - Queuing Systems

Operating Systems - Queuing Systems

Operating Systems - Distributed Parallel Computing

Operating Systems - Distributed Parallel Computing

Operating Systems - Distributed Parallel Computing

Operating Systems - Concurrency

Operating Systems - Concurrency

Operating Systems - Concurrency

Operating Systems - Advanced Synchronization

Operating Systems - Advanced Synchronization

Operating Systems - Advanced Synchronization

Operating Systems - Synchronization

Operating Systems - Synchronization

Operating Systems - Synchronization

Processes and Threads

Processes and Threads

Processes and Threads

Virtual Memory and Paging

Virtual Memory and Paging

Virtual Memory and Paging

Operating Systems - Virtual Memory

Operating Systems - Virtual Memory

Operating Systems - Virtual Memory

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

MC2: High-Performance Garbage Collection for Memory-Constrained Environments

Vam: A Locality-Improving Dynamic Memory Allocator

Vam: A Locality-Improving Dynamic Memory Allocator

Vam: A Locality-Improving Dynamic Memory Allocator

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Quantifying the Performance of Garbage Collection vs. Explicit Memory Management

Garbage Collection without Paging

Garbage Collection without Paging

Garbage Collection without Paging

DieHard: Probabilistic Memory Safety for Unsafe Languages

DieHard: Probabilistic Memory Safety for Unsafe Languages

DieHard: Probabilistic Memory Safety for Unsafe Languages

Recently uploaded

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

Nguyen Thanh Tu Collection

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

Dr Vijay Vishwakarma

ICT role in 21st century education and it's challenges.

ICT role in 21st century education and it's challenges.

ICT role in 21st century education and it's challenges.

𝐋𝐞𝐬𝐬𝐨𝐧 𝐎𝐮𝐭𝐜𝐨𝐦𝐞𝐬: -Discern accommodations and modifications within inclusive classroom environments, distinguishing between their respective roles and applications. -Through critical analysis of hypothetical scenarios, learners will adeptly select appropriate accommodations and modifications, honing their ability to foster an inclusive learning environment for students with disabilities or unique challenges.

Understanding Accommodations and Modifications

Understanding Accommodations and Modifications

Understanding Accommodations and Modifications

Basic Civil Engineering notes first year Notes Building notes Selection of site for Building Layout of a Building What is Burjis, Mutam Building Bye laws Basic Concept of sunlight ventilation in building National Building Code of India Set back or building line Types of Buildings Floor Space Index (F.S.I) Institutional Vs Educational Building Components & function Sills, Lintels, Cantilever Doors, Windows and Ventilators Types of Foundation AND THEIR USES Plinth Area Shallow and Deep Foundation Super Built-up & carpet area Floor Area Ratio (F.A.R) RCC Reinforced Cement Concrete RCC VS PCC

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

How to Manage Global Discount in Odoo 17 POS

How to Manage Global Discount in Odoo 17 POS

How to Manage Global Discount in Odoo 17 POS

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

Key note speaker Neum_Admir Softic_ENG.pdf

Key note speaker Neum_Admir Softic_ENG.pdf

Key note speaker Neum_Admir Softic_ENG.pdf

Fostering Friendships - Enhancing Social Bonds in the Classroom

Fostering Friendships - Enhancing Social Bonds in the Classroom

Fostering Friendships - Enhancing Social Bonds in the Classroom

Pooky Knightsmith

Making communications land - Are they received and understood as intended? webinar Thursday 2 May 2024 A joint webinar created by the APM Enabling Change and APM People Interest Networks, this is the third of our three part series on Making Communications Land. presented by Ian Cribbes, Director, IMC&T Ltd @cribbesheet The link to the write up page and resources of this webinar: https://www.apm.org.uk/news/making-communications-land-are-they-received-and-understood-as-intended-webinar/ Content description: How do we ensure that what we have communicated was received and understood as we intended and how do we course correct if it has not.

Making communications land - Are they received and understood as intended? we...

Making communications land - Are they received and understood as intended? we...

Making communications land - Are they received and understood as intended? we...

Association for Project Management

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

RamjanShidvankar

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

How to setup Pycharm environment for Odoo 17.pptx

How to setup Pycharm environment for Odoo 17.pptx

How to setup Pycharm environment for Odoo 17.pptx

FSB Advising Checklist - Orientation 2024

FSB Advising Checklist - Orientation 2024

FSB Advising Checklist - Orientation 2024

Elizabeth Walsh

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Google Gemini An AI Revolution in Education.pptx

Google Gemini An AI Revolution in Education.pptx

Google Gemini An AI Revolution in Education.pptx

Dr. Sarita Anand

Spatium Project Simulation student brief

Spatium Project Simulation student brief

Spatium Project Simulation student brief

Association for Project Management

Mehran University Newsletter Vol-X, Issue-I, 2024

Mehran University Newsletter Vol-X, Issue-I, 2024

Mehran University Newsletter Vol-X, Issue-I, 2024

Mehran University of Engineering & Technology, Jamshoro

Python Notes for mca i year students osmania university.docx

Python Notes for mca i year students osmania university.docx

Python Notes for mca i year students osmania university.docx

Ramakrishna Reddy Bijjam

Sociology 101 Demonstration of Learning Exhibit

Sociology 101 Demonstration of Learning Exhibit

Sociology 101 Demonstration of Learning Exhibit

Recently uploaded (20)

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf

ICT role in 21st century education and it's challenges.

ICT role in 21st century education and it's challenges.

ICT role in 21st century education and it's challenges.

Understanding Accommodations and Modifications

Understanding Accommodations and Modifications

Understanding Accommodations and Modifications

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

Basic Civil Engineering first year Notes- Chapter 4 Building.pptx

How to Manage Global Discount in Odoo 17 POS

How to Manage Global Discount in Odoo 17 POS

How to Manage Global Discount in Odoo 17 POS

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

On National Teacher Day, meet the 2024-25 Kenan Fellows

Key note speaker Neum_Admir Softic_ENG.pdf

Key note speaker Neum_Admir Softic_ENG.pdf

Key note speaker Neum_Admir Softic_ENG.pdf

Fostering Friendships - Enhancing Social Bonds in the Classroom

Fostering Friendships - Enhancing Social Bonds in the Classroom

Fostering Friendships - Enhancing Social Bonds in the Classroom

Making communications land - Are they received and understood as intended? we...

Making communications land - Are they received and understood as intended? we...

Making communications land - Are they received and understood as intended? we...

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

Application orientated numerical on hev.ppt

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

ICT Role in 21st Century Education & its Challenges.pptx

How to setup Pycharm environment for Odoo 17.pptx

How to setup Pycharm environment for Odoo 17.pptx

How to setup Pycharm environment for Odoo 17.pptx

FSB Advising Checklist - Orientation 2024

FSB Advising Checklist - Orientation 2024

FSB Advising Checklist - Orientation 2024

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Holdier Curriculum Vitae (April 2024).pdf

Google Gemini An AI Revolution in Education.pptx

Google Gemini An AI Revolution in Education.pptx

Google Gemini An AI Revolution in Education.pptx

Spatium Project Simulation student brief

Spatium Project Simulation student brief

Spatium Project Simulation student brief

Mehran University Newsletter Vol-X, Issue-I, 2024

Mehran University Newsletter Vol-X, Issue-I, 2024

Mehran University Newsletter Vol-X, Issue-I, 2024

Python Notes for mca i year students osmania university.docx

Python Notes for mca i year students osmania university.docx

Python Notes for mca i year students osmania university.docx

Sociology 101 Demonstration of Learning Exhibit

Sociology 101 Demonstration of Learning Exhibit

Sociology 101 Demonstration of Learning Exhibit

DieHarder (CCS 2010, WOOT 2011)

1. DIEHARDER: SECURING THE HEAP Gene Novark & Emery Berger University of Massachusetts, Amherst [originally presented at CCS ASSACHUSETTS, AMHERST • Department of Computer Science UNIVERSITY OF M 2011]

2. DieHard: ProbabilisFc Memory Safety for C/C++ Programs [PLDI 2005] Direct inspira4on for Windows 7’s Fault-‐Tolerant Heap (2009) UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science

3. DieHard: ProbabilisFc Memory Safety for C/C++ Programs [PLDI 2005] Direct inspira4on for Windows 7’s Fault-‐Tolerant Heap (2009) UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science

4.

5.

6.

7.

8.

9.

10.

11.

12.

13.

18.

19.

21.

22.

32. sensitive data / metadata 32

33. sensitive data / metadata All data / metadata sensitive 33

34. guard / unmapped page 34

35. guard / unmapped page 35

39. Address-‐space layout randomization 39

40. object free space heap metadata

41. prev. object object free space object size heap metadata (GNU libc, others)

42. object x free space heap metadata

43. object x free space heap metadata

51. ≈ 4-5 bits of entropy 51

53. Maximal entropy: log N bits (e.g., ≈ 25-30) 53

55.

56.

58. 44.2 sec 41.6 sec

59. DIEHARDER: SECURING THE HEAP Gene Novark & Emery Berger University of Massachusetts, Amherst UNIVERSITY OF MASSACHUSETTS, AMHERST • Department of Computer Science