| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 425967 | Future Generation Computer Systems | 2012 | 6 Pages |
Since pointer variables frequently cause programs to crash in unexpected ways, they often pose vulnerability abused as immediate or intermediate targets. Although code pointer attacks have been historically dominant, data pointer attacks are also recognized as realistic threats. This paper presents how to secure heap memory from data pointer attacks, in particular, heap overflow attacks. Our protection scheme encrypts the data pointers used for linking free chunks, and decrypts the pointers only before dereferencing. We also present a list structure with duplicate links that is harder to break than the conventional linked list structure. Our experiment shows that the proposed data pointer encoding is effective and has slightly better performance than the integrity check of link pointers in GNU’s standard C library.
Research highlights► Introduce the concept ”data pointer encoding”. ► Show how to protect heap space by data pointer encoding. ► Enhances the structure of free chunks of heap memory to make dual-linked lists for better security and detection. ► Present the experimental result using the GNU’s standard C library.
