Sciweavers

ASPLOS
2008
ACM

Archipelago: trading address space for reliability and security

14 years 2 months ago
Archipelago: trading address space for reliability and security
Memory errors are a notorious source of security vulnerabilities that can lead to service interruptions, information leakage and unauthorized access. Because such errors are also difficult to debug, the absence of timely patches can leave users vulnerable to attack for long periods of time. A variety of approaches have been introduced to combat these errors, but these often incur large runtime overheads and generally abort on errors, threatening availability. This paper presents Archipelago, a runtime system that takes advantage of available address space to substantially reduce the likelihood that a memory error will affect program execution. Archipelago randomly allocates heap objects far apart in virtual address space, effectively isolating each object from buffer overflows. Archipelago also protects against dangling pointer errors by preserving the contents of freed objects after they are freed. Archipelago thus trades virtual address space--a plentiful resource on 64-bit systems-...
Vitaliy B. Lvin, Gene Novark, Emery D. Berger, Ben
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where ASPLOS
Authors Vitaliy B. Lvin, Gene Novark, Emery D. Berger, Benjamin G. Zorn
Comments (0)