HAIT: Heap Analyzer with Input Tracing / Atzeni, Andrea; Marcelli, Andrea; Muroni, Francesco; Squillero, Giovanni. - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 6: SECRYPT (2017), pp. 327-334. (Paper presented at the SECRYPT 2017 conference, held in Madrid, Spain, 24-26 July 2017) [10.5220/0006420803270334].

HAIT: Heap Analyzer with Input Tracing

ATZENI, ANDREA;MARCELLI, ANDREA;MURONI, FRANCESCO;SQUILLERO, GIOVANNI
2017

Abstract

Heap exploits are one of the most advanced, complex and frequent types of attack. Over the years, many effective techniques have been developed to mitigate them, such as data execution prevention, address space layout randomization and canaries. However, if both knowledge and control of the memory allocation are available, heap spraying and other attacks are still feasible. This paper presents HAIT, a memory profiler that records critical operations on the heap and shows them graphically in a clear and comprehensible format. A prototype was implemented on top of Triton, a framework for dynamic binary analysis. The experimental evaluation demonstrates that HAIT can help identify the essential information needed to carry out heap exploits, providing valuable knowledge for an effective attack.
978-989-758-259-2
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11583/2672737