Software Memory Protection
From Dependability
Software Memory Protection
Software Memory Protection is a project funded by award FA8750-07-2-0029 under NICECAP (National Intelligence Community Enterprise Computing Assurance Program), from the IARPA organization within the Office of the Director of National Intelligence. The goal of SMP (Software Memory Protection) is to prevent and remediate memory overwriting attacks on software binaries.
Contents |
Scope
The initial project is an 18-month contract, running from April 1, 2007, through October 1, 2008, with review and renewal after 12 months. During this 18 months, SMP will be implemented for x86 Linux platform binaries that were compiled from C source. After 12 months, the prevention phase of the project will be complete, except for some remaining optimization of the run time overhead. The final 6 months will focus on the remediation phase. NOTE: The project was given a no-cost extension through December 31, 2008.
Project Overview
The goal of SMP is to protect program binaries against memory overwriting attacks. No source code is assumed to be available, and none is analyzed by SMP. The defense provided is a general defense that encompasses all prior specific defenses (e.g. stack smashing and heap smashing defenses, defenses against format string exploits, integer overflow exploits, double-free exploits, etc.)
As stated in the project proposal, memory overwriting attacks are those attacks in which a malicious user provides program input that causes a critical data item to be overwritten by a program statement that, in the absence of malicious input, would not have written to that data item. Details can be found in the Talks section.
People
Principal Investigators
Research Staff
Visiting Staff
- Ann Bailey
- Mark Bailey
Graduate Students
- Sudeep Ghosh
- Joy Kamunyori
- Hong Pham
Undergraduate Students
- Kevin Binswanger
- Nicholas Williams
Documents and Publications
- Hiser, Jason D., Clark L. Coleman, Michele Co, and Jack W. Davidson, "MEDS: The Memory Error Detection System", Proceedings of ESSoS 09: The International Symposium on Engineering Secure Software and Systems, February 4-6, 2009, Leuven, Belgium. PDF
Other publications are in progress.
The tutorial for users of SMP should be consulted after installing the software.
The Final Report for the project summarizes the project and its accomplishments.
Talks
All talks and posters are in PDF form.
July 6, 2007 Site Visit
September, 2007 Joint PI Meeting (Boston, MA)
November 14, 2007 Site Visit
January 31, 2008 Reverse Site Visit
April, 2008 Joint PI Meeting (Lisle, IL)
July 24, 2008 Site Visit
September, 2008 Joint PI Meeting (Washington, DC)
Software
An installation guide for the software listed below is available.
The gzipped tar file for the Strata directory tree, which includes mmStrata, the profiler, and the Stratafier tool, along with basic test cases for Strata functionality, can be downloaded from here.
The gzipped tar file for the SMP Static Analyzer tool can be downloaded from here.
The test suites used to evaluate the SMP project can be found here.
Project Deliverables
The software distribution and installation guide can be found in the Software section of this web page.
The user tutorial and Final Project Report can be found in the Documents and Publications section of this web page.