LMP: Light-Weighted Memory Protection with Hardware Assistance

Despite a long history and many proposals, memory corruption attacks are still viable -- a secure and low-overhead defense against return-oriented programming (ROP) continues to elude the security community. Currently proposed solutions still must choose between either not fully protecting critical data and relying instead of information hiding, or using incomplete, coarse-grain checking that can be circumvented by a suitably skilled attacker. In this paper, we present a light-weighted memory protection approach (LMP) that uses Intel's MPX hardware extensions to provide complete, fast ROP protection without having to rely in information hiding. We demonstrate a prototype that defeats ROP attacks while incurring an average runtime overhead of 3.9%.

Author(s):

Wei Huang    
University of Toronto
Canada

Zhen Huang    
University of Toronto
Canada

Dhaval Miyani    
University of Toronto
Canada

David Lie    
University of Toronto
Canada