DeepAI AI Chat
Log In Sign Up

Protecting the stack with PACed canaries

09/12/2019
by   Hans Liljestrand, et al.
HUAWEI Technologies Co., Ltd.
aalto
Association for Computing Machinery
0

Stack canaries remain a widely deployed defense against memory corruption attacks. Despite their practical usefulness, canaries are vulnerable to memory disclosure and brute-forcing attacks. We propose PCan, a new approach based on ARMv8.3-A pointer authentication (PA), that uses dynamically-generated canaries to mitigate these weaknesses and show that it provides more fine-grained protection with minimal performance overhead.

READ FULL TEXT

page 1

page 2

page 3

page 4

06/25/2018

A Leak-Resilient Dual Stack Scheme for Backward-Edge Control-Flow Integrity

Manipulations of return addresses on the stack are the basis for a varie...
11/07/2018

Shining Light On Shadow Stacks

Control-Flow Hijacking attacks are the dominant attack vector to comprom...
07/08/2019

StackVault: Protection from Untrusted Functions

Data exfiltration attacks have led to huge data breaches. Recently, the ...
05/25/2020

The never ending war in the stack and the reincarnation of ROP attacks

Return Oriented Programming (ROP) is a technique by which an attacker ca...
02/28/2023

Protected Data Plane OS Using Memory Protection Keys and Lightweight Activation

Increasing data center network speed coupled with application requiremen...
09/20/2019

Making Code Re-randomization Practical with MARDU

Defense techniques such as Data Execution Prevention (DEP) and Address S...
10/20/2021

RegGuard: Leveraging CPU Registers for Mitigation of Control- and Data-Oriented Attacks

CPU registers are small discrete storage units, used to hold temporary d...