Archipelago

Lvin, Vitaliy B.; Novark, Gene; Berger, Emery D.; Zorn, Benjamin G.

doi:10.1145/1353535.1346296

Cited by 4 publications

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

There Is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication

2012

View full text Add to dashboard Cite

Despite the large number of proposed countermeasures against control-flow hijacking attacks, these attacks still pose a great threat for today's applications. The problem with existing solutions is that they either provide incomplete probabilistic protection (e.g., stack canaries) or impose a high runtime overhead (e.g., bounds checking). In this paper, we show how the concept of program-part duplication can be used to protect against control-flow hijacking attacks and present two different instantiations of the duplication concept which protect against popular attack vectors. First, we use the duplication of functions to eliminate the need of return addresses and thus provide complete protection against attacks targeting a function's return address. Then we demonstrate how the integrity of function pointers can be protected through the use of data duplication. We test the combined effectiveness of our two methods and experimentally show that they provide an almost complete protection against control-flow hijacking attacks with only a low runtime overhead in real-world applications.

show abstract

There Is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication

2012

View full text Add to dashboard Cite

show abstract

Optimised memory allocation for less false abortion and better performance in hardware transactional memory

Altenbek

2019

International Journal of Parallel, Emergent and Distributed Sys

View full text Add to dashboard Cite

Cache index-aware memory allocation

Afek

Dice

Morrison

2011

Proceedings of the International Symposium on Memory Management

View full text Add to dashboard Cite

Poor placement of data blocks in memory may negatively impact application performance because of an increase in the cache conflict miss rate [18]. For dynamically allocated structures this placement is typically determined by the memory allocator. Cache index-oblivious allocators may inadvertently place blocks on a restricted fraction of the available cache indexes, artificially and needlessly increasing the conflict miss rate. While some allocators are less vulnerable to this phenomena, no general-purpose malloc allocator is index-aware and methodologically addresses this concern. We demonstrate that many existing state-of-the-art allocators are index-oblivious, admitting performance pathologies for certain block sizes. We show that a simple adjustment within the allocator to control the spacing of blocks can provide better index coverage, which in turn reduces the superfluous conflict miss rate in various applications, improving performance with no observed negative consequences. The result is an index-aware allocator. Our technique is general and can easily be applied to most memory allocators and to various processor architectures.Furthermore, we can reduce inter-thread and inter-process conflict misses for processors where threads concurrently share the level-1 cache such as the Sun UltraSPARC-T2 TM and Intel "Nehalem" by coloring the placement of blocks so that allocations for different threads and processes start on different cache indexes.

show abstract

Archipelago

Cited by 4 publications

References 24 publications

There Is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication

There Is Safety in Numbers: Preventing Control-Flow Hijacking by Duplication

Optimised memory allocation for less false abortion and better performance in hardware transactional memory

Cache index-aware memory allocation

Contact Info

Product

Resources

About