StackVault: Protection from Untrusted Functions

by   Qi Zhang, et al.

Data exfiltration attacks have led to huge data breaches. Recently, the Equifax attack affected 147M users and a third-party library - Apache Struts - was alleged to be responsible for it. These attacks often exploit the fact that sensitive data are stored unencrypted in process memory and can be accessed by any function executing within the same process, including untrusted third-party library functions. This paper presents StackVault, a kernel-based system to prevent sensitive stack-based data from being accessed in an unauthorized manner by intra-process functions. Stack-based data includes data on stack as well as data pointed to by pointer variables on stack. StackVault consists of three components: (1) a set of programming APIs to allow users to specify which data needs to be protected, (2) a kernel module which uses unforgeable function identities to reliably carry out the sensitive data protection, and (3) an LLVM compiler extension that enables transparent placement of stack protection operations. The StackVault system automatically enforces stack protection through spatial and temporal access monitoring and control over both sensitive stack data and untrusted functions. We implemented StackVault and evaluated it using a number of popular real-world applications, including gRPC. The results show that StackVault is effective and efficient, incurring only up to 2.4 runtime overhead.


RegGuard: Leveraging CPU Registers for Mitigation of Control- and Data-Oriented Attacks

CPU registers are small discrete storage units, used to hold temporary d...

Protecting the stack with PACed canaries

Stack canaries remain a widely deployed defense against memory corruptio...

Pyronia: Redesigning Least Privilege and Isolation for the Age of IoT

Third-party modules play a critical role in IoT applications, which gene...

Selfie: User-defined Sensitive Memory Protection and Recovery

Different users always have different requirement for sensitive memory d...

Pyronia: Intra-Process Access Control for IoT Applications

Third-party code plays a critical role in IoT applications, which genera...

SPAM: Stateless Permutation of Application Memory

In this paper, we propose the Stateless Permutation of Application Memor...

NetKernel: Making Network Stack Part of the Virtualized Infrastructure

This paper presents a system called NetKernel that decouples the network...