In-process Memory Isolation Using Hardware Watchpoint
Memory disclosure vulnerabilities have been exploited in the leaking of application secret data such as crypto keys (e.g., the Heart-bleed Bug). To ameliorate this problem, we propose an in-process memory isolation mechanism by leveraging a common hardware-feature, namely, hardware debugging. Specifically, we utilize a watchpoint to monitor a particular memory region containing secret data. We implemented the PoC of our approach based on the 64-bit ARM architecture, including the kernel patches and user APIs that help developers benefit from isolated memory use. We applied the approach to open-source applications such as OpenSSL and AESCrypt. The results of a performance evaluation show that our approach incurs a small amount of overhead.
- Issue Date
- 2019-06
- Language
- English
- Citation
56th ACM/EDAC/IEEE Design Automation Conference (DAC), pp.32:1 - 32:6
- Appears in Collection
- CS-Conference Papers(학술회의논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.