Conference item icon

Conference item

Automatic heap layout manipulation for exploitation

Abstract:

Heap layout manipulation is integral to exploiting heapbased memory corruption vulnerabilities. In this paper we present the first automatic approach to the problem, based on pseudo-random black-box search. Our approach searches for the inputs required to place the source of a heap-based buffer overflow or underflow next to heap-allocated objects that an exploit developer, or automatic exploit generation system, wishes to read or corrupt. We present a framework for benchmarking heap layout ma...

Expand abstract
Publication status:
Published
Peer review status:
Peer reviewed

Actions


Access Document


Files:
  • (Accepted manuscript, pdf, 368.2KB)

Authors


More by this author
Institution:
University of Oxford
Division:
MPLS Division
Department:
Computer Science
Role:
Author
More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Oxford college:
Balliol College
Role:
Author
ORCID:
0000-0002-2462-2782
More by this author
Institution:
University of Oxford
Division:
MPLS Division
Department:
Computer Science
Role:
Author
Publisher:
USENIX Association Publisher's website
Journal:
27th USENIX Security Symposium Journal website
Pages:
763-779
Host title:
27th USENIX Security Symposium
Publication date:
2018-07-13
Acceptance date:
2018-05-02
Source identifiers:
845728
ISBN:
9781931971461
Pubs id:
pubs:845728
UUID:
uuid:c94dc7cf-163f-4c70-8e3f-d19de028f3b1
Local pid:
pubs:845728
Deposit date:
2018-05-03

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP