Software Memory Protection

From Dependability

Software Memory Protection

Software Memory Protection is a project funded by award FA8750-07-2-0029 under NICECAP (National Intelligence Community Enterprise Computing Assurance Program), from the IARPA organization within the Office of the Director of National Intelligence. The goal of SMP (Software Memory Protection) is to prevent and remediate memory overwriting attacks on software binaries.

Contents

Scope

The initial project is an 18-month contract, running from April 1, 2007, through October 1, 2008, with review and renewal after 12 months. During this 18 months, SMP will be implemented for x86 Linux platform binaries that were compiled from C source. After 12 months, the prevention phase of the project will be complete, except for some remaining optimization of the run time overhead. The final 6 months will focus on the remediation phase. NOTE: The project was given a no-cost extension through December 31, 2008.

Project Overview

The goal of SMP is to protect program binaries against memory overwriting attacks. No source code is assumed to be available, and none is analyzed by SMP. The defense provided is a general defense that encompasses all prior specific defenses (e.g. stack smashing and heap smashing defenses, defenses against format string exploits, integer overflow exploits, double-free exploits, etc.)

As stated in the project proposal, memory overwriting attacks are those attacks in which a malicious user provides program input that causes a critical data item to be overwritten by a program statement that, in the absence of malicious input, would not have written to that data item. Details can be found in the Talks section.

People

Principal Investigators

Research Staff

Visiting Staff

Graduate Students

  • Sudeep Ghosh
  • Joy Kamunyori
  • Hong Pham

Undergraduate Students

  • Kevin Binswanger
  • Nicholas Williams

Documents and Publications

  • Hiser, Jason D., Clark L. Coleman, Michele Co, and Jack W. Davidson, "MEDS: The Memory Error Detection System", Proceedings of ESSoS 09: The International Symposium on Engineering Secure Software and Systems, February 4-6, 2009, Leuven, Belgium. PDF

Other publications are in progress.

The tutorial for users of SMP should be consulted after installing the software.

The Final Report for the project summarizes the project and its accomplishments.

Talks

All talks and posters are in PDF form.

July 6, 2007 Site Visit

September, 2007 Joint PI Meeting (Boston, MA)

November 14, 2007 Site Visit

January 31, 2008 Reverse Site Visit

April, 2008 Joint PI Meeting (Lisle, IL)

July 24, 2008 Site Visit

September, 2008 Joint PI Meeting (Washington, DC)

Software

An installation guide for the software listed below is available.

The gzipped tar file for the Strata directory tree, which includes mmStrata, the profiler, and the Stratafier tool, along with basic test cases for Strata functionality, can be downloaded from here.

The gzipped tar file for the SMP Static Analyzer tool can be downloaded from here.

The test suites used to evaluate the SMP project can be found here.

Project Deliverables

The software distribution and installation guide can be found in the Software section of this web page.

The user tutorial and Final Project Report can be found in the Documents and Publications section of this web page.