Provably-Secure Remote Memory Attestation for Heap Overflow Protection

Alexandra Boldyreva, Taesoo Kim, Richard Lipton, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

282 Downloads (Pure)

Abstract

Memory corruption attacks may lead to complete takeover of systems. There are numerous works offering protection mechanisms for this important problem. But the security guarantees that are offered by most works are only heuristic and, furthermore, most solutions are designed for protecting the local memory. In this paper we initiate the study of provably secure remote memory attestation; we concentrate on provably detecting heap-based overflow attacks and consider the setting where we aim to protect the memory in a remote system. We present two protocols offering various efficiency and security trade-offs (but all solutions are efficient enough for practical use as our implementation shows) that detect the presence of injected malicious code or data in remotely-stored heap memory. While our solutions offer protection only against a specific class of attacks, our novel formalization of threat models is general enough to cover a
wide range of attacks and settings.
Original languageEnglish
Title of host publicationSecurity and Cryptography for Networks
Subtitle of host publication10th International Conference, SCN 2016, Amalfi, Italy, August 31 – September 2, 2016, Proceedings
EditorsVassilis Zikas, Roberto De Prisco
PublisherSpringer
ISBN (Electronic)978-3-319-44618-9
ISBN (Print)978-3-319-44617-2
DOIs
Publication statusPublished - 30 Aug 2016
Event10th Conference on Security and Cryptography for Networks - Hotel La Bussola, Amalfi, Italy
Duration: 31 Aug 20162 Sep 2016

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
ISSN (Print)0302-9743

Conference

Conference10th Conference on Security and Cryptography for Networks
Abbreviated titleSCN 2016
CountryItaly
CityAmalfi
Period31/08/162/09/16

Fingerprint Dive into the research topics of 'Provably-Secure Remote Memory Attestation for Heap Overflow Protection'. Together they form a unique fingerprint.

Cite this