Speaker: Dinghao Wu
Title: Lightweight Concurrent Heap Buffer Overflow Detection

Abstract

"The free lunch" ended five years ago. Today's CPU speed is the same
as (or even slower than) five years ago. The IC industry is shifting
to the multicore (or many-core) era. Intel and AMD have rolled out
dual- and quad-core processors, and it will soon be
many-core. Existing programs that do not take advantage of extra cores
will not run faster. On the other hand, the extra cores have important
applications on security. Although we cannot make our existing
sequential programs run faster, at least we can make it safer and more
secure with extra cores.

In this project, we revisit the buffer overflow problem, which is
among the top 3 security vulnerabilities in the past decade. Previous
mitigation and detection techniques suffer from legacy code
compatibility, high performance overhead, semantics loyalty, or
tedious manual program transformation. We present a method for
lightweight concurrent heap buffer overflow detection that utilizes
the extra cores for security monitoring. A separate thread is added to
monitor the user program heap integrity. We use non-blocking data
structures and algorithms to minimize the synchronization overhead
between the user program and the monitoring thread. Consequently, the
monitoring thread does not block the user program, and performance
overhead can be made extremely low.

(This is joint work with Qiang Zeng and Peng Liu)