Memory corruption attacks, such as buffer overflow attacks, have been threatening software security for more than three decades. Despite tremendous efforts by developers and researchers to prevent programs written in memory-unsafe language (e.g., C/C++) from memory errors (the root cause of memory corruption attacks), the drawbacks and limitations of prior protectionmechanisms impede their wide deployment. Prior approaches suffer from either (1) incomplete coverage of memory errors, (2) prohibitively high runtime overhead, (3) weak protection for metadata used by the approach, (4) low source compatibility to legacy code, (5) low binary compatibility to compiled binaries, (6) limited modularity support, or (7) low scalability for larger programs.This thesis presents AHEMS, an architectural support that ensures both spatial and temporal memory safety based on the pointer-basedapproach to overcome the aforementioned drawbacks. AHEMSprovides three novel features that allow for fast, flexible, and secure memory safety checking. First, AHEMS checks memory safety asynchronously to the main processor so that the runtime overhead is very low. Second, AHEMScan be flexibly implemented either in a processor, as a co-processor, or as an external device, depending on the designer's choice. Third, AHEMS providesphysical isolation for the metadata (i.e., base and bounds information) so that the metadata cannot be tampered with by any means.We implement an FPGA prototype for AHEMS that allows us to evaluate its detection coverage, runtime overhead, critical path, hardware overhead, and power consumption. Our experiment shows that AHEMS passes 676 security test cases out of 11 different CWEs (including spatial and temporal memory errors) and only incurs as little as 10.6% runtime overhead with a negligible impact on the critical path (0.06% overhead) and power consumption (0.5% overhead).
PDF
download
878987797
028-85220240
