Protecting the stack with PACed canaries

09/12/2019
by   Hans Liljestrand, et al.
0

Stack canaries remain a widely deployed defense against memory corruption attacks. Despite their practical usefulness, canaries are vulnerable to memory disclosure and brute-forcing attacks. We propose PCan, a new approach based on ARMv8.3-A pointer authentication (PA), that uses dynamically-generated canaries to mitigate these weaknesses and show that it provides more fine-grained protection with minimal performance overhead.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
06/25/2018

A Leak-Resilient Dual Stack Scheme for Backward-Edge Control-Flow Integrity

Manipulations of return addresses on the stack are the basis for a varie...
research
11/07/2018

Shining Light On Shadow Stacks

Control-Flow Hijacking attacks are the dominant attack vector to comprom...
research
07/08/2019

StackVault: Protection from Untrusted Functions

Data exfiltration attacks have led to huge data breaches. Recently, the ...
research
05/25/2020

The never ending war in the stack and the reincarnation of ROP attacks

Return Oriented Programming (ROP) is a technique by which an attacker ca...
research
02/28/2023

Protected Data Plane OS Using Memory Protection Keys and Lightweight Activation

Increasing data center network speed coupled with application requiremen...
research
09/12/2023

CToMP: A Cycle-task-oriented Memory Protection Scheme for Unmanned Systems

Memory corruption attacks (MCAs) refer to malicious behaviors of system ...
research
09/20/2019

Making Code Re-randomization Practical with MARDU

Defense techniques such as Data Execution Prevention (DEP) and Address S...

Please sign up or login with your details

Forgot password? Click here to reset