과제정보
This work was supported by the BK21 FOUR program of the Education and Research Program for Future ICT Pioneers, Seoul National University in 2024. This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) under the artificial intelligence semiconductor support program to nurture the best talents (IITP-2023-RS-2023-00256081) grant funded by the Korea government(MSIT). This work was supported by the National Research Foundation of Korea(NRF) grant funded by the Korea government(MSIT) (RS-2023-00277326). This work was supported by Inter-University Semiconductor Research Center (ISRC).
참고문헌
- CVE-2024-31083 https://nvd.nist.gov/vuln/detail/CVE-2024-31083
- CVE-2024-3299 https://nvd.nist.gov/vuln/detail/CVE-2024-3299
- CVE-2024-26801 https://nvd.nist.gov/vuln/detail/CVE-2024-26801
- Van Der Kouwe, E., Nigade, V., & Giuffrida, C. (2017, April). Dangsan: Scalable use-after-free detection. In Proceedings of the Twelfth European Conference on Computer Systems (pp. 405-419).
- Caballero, J., Grieco, G., Marron, M., & Nappa, A. (2012, July). Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities. In Proceedings of the 2012 International Symposium on Software Testing and Analysis (pp. 133-143).
- Lee, B., Song, C., Jang, Y., Wang, T., Kim, T., Lu, L., & Lee, W. (2015, February). Preventing Use-after-free with Dangling Pointers Nullification. In NDSS.
- Ainsworth, S., & Jones, T. M. (2020, May). MarkUs: Drop-in use-after-free prevention for low-level languages. In 2020 IEEE Symposium on Security and Privacy (SP) (pp. 578-591). IEEE.
- Erdos, M., Ainsworth, S., & Jones, T. M. (2022, February). MineSweeper: a "clean sweep" for drop-in use-after-free prevention. In Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (pp. 212-225).
- ARM Limited, ''Armv8.5-A memory tagging extension,'' White Paper, 2021.
- Bang, I., Kayondo, M., You, J., Kwon, D., Cho, Y., & Paek, Y. (2023). Enhancing a Lock-and-key Scheme with MTE to Mitigate Use-After-Frees. IEEE Access.
- S. Nagarakatte, J. Zhao, M. M. K. Martin, and S. dancewic, ''CETS: Compiler enforced temporal safety for C,'' in Proc. Int. Symp. Memory Manage., Jun. 2010, pp. 31-40.
- T. H. Y. Dang, P. Maniatis, and D. Wagner, ''Oscar: A practical pagepermissions-based scheme for thwarting dangling pointers,'' in Proc. 26th USENIX Secur. Symp., 2017, pp. 815-832.
- Memory Tagging Extension User-Space Support, 2020. [Online]. Available: https://lore.kernel.org/linux-arm-kernel/20200703153718.16973-1-catalin.marinas@arm.com