Skip to main content
SpringerLink
Log in

MEDS: The Memory Error Detection System

  • Conference paper
Engineering Secure Software and Systems (ESSoS 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5429))

Included in the following conference series:

Abstract

Memory errors continue to be a major source of software failure. To address this issue, we present MEDS (Memory Error Detection System), a system for detecting memory errors within binary executables. The system can detect buffer overflow, uninitialized data reads, double-free, and deallocated memory access errors and vulnerabilities. It works by using static analysis to prove memory accesses safe. If a memory access cannot be proven safe, MEDS falls back to run-time analysis. The system exceeds previous work with dramatic reductions in false positives, as well as covering all memory segments (stack, static, heap).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aho, A.V., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques, and Tools. Addison-Wesley, Reading (1986)

    MATH  Google Scholar 

  2. Kumar, N., Misurda, J., Childers, B.R., Soffa, M.L.: Instrumentation in software dynamic translators for self-managed systems. In: Proceedings of the 1st ACM SIGSOFT Workshop on Self-managed Systems, pp. 90–94. ACM Press, New York (2004)

    Chapter  Google Scholar 

  3. Zhou, S., Childers, B.R., Soffa, M.L.: Planning for code buffer management in distributed virtual execution environments. In: VEE 2005: Proceedings of the 1st ACM/USENIX International Conference on Virtual Execution Environments, pp. 100–109. ACM Press, New York (2005)

    Chapter  Google Scholar 

  4. Scott, K., Davidson, J.: Strata: A software dynamic translation infrastructure. In: IEEE Workshop on Binary Translation. IEEE, Los Alamitos (2001)

    Google Scholar 

  5. Scott, K., Kumar, N., Childers, B., Davidson, J.W., Soffa, M.L.: Overhead reduction techniques for software dynamic translation. In: Proceedings of the 18th International Parallel and Distributed Processing Symposium, p. 200. IEEE, Los Alamitos (2004)

    Google Scholar 

  6. Scott, K., Kumar, N., Velusamy, S., Childers, B., Davidson, J.W., Soffa, M.L.: Retargetable and reconfigurable software dynamic translation. In: CGO 2003: Proceedings of the International Symposium on Code Generation and Optimization, Washington, DC, USA, pp. 36–47. IEEE Computer Society Press, Los Alamitos (2003)

    Google Scholar 

  7. Eagle, C.: The IDA Pro Book. No Starch Press, San Francisco (2008)

    Google Scholar 

  8. Hening, J.L.: SPEC CPU2000: Measuring CPU performance in the new millennium. IEEE Computer 7, 28–35 (2000)

    Article  Google Scholar 

  9. Black, P.E.: Software assurance metrics and tool evaluation. In: Proceedings of the 2005 International Conference on Software Engineering Research and Practice (2005)

    Google Scholar 

  10. Poe, J., Li, T.: Bass: A benchmark suite for evaluating architectural security systems. In: SIGARCH Computer Architecture News, pp. 26–33. ACM Press, New York (2006)

    Google Scholar 

  11. Wilander, J., Kamkar, M.: A comparison of publicly available tools for dynamic buffer overflow prevention. In: Proceedings of the Network and Distributed System Security Symposium, pp. 149–162. Internet Society (2003)

    Google Scholar 

  12. Benitez, M.E., Davidson, J.W.: The advantages of machine-dependent global optimization. In: Proceedings of the 1994 Conference on Programming Languages and Systems Architectures, pp. 105–124. ACM, New York (1994)

    Google Scholar 

  13. Nethercote, N., Fitzhardinge, J.: Bounds checking entire programs without recompiling. In: Informal Proceedings of the Second Workshop on Semantics, Program Analysis, and Computing Environments for Memory Management (SPACE 2004) (2004)

    Google Scholar 

  14. Barrantes, E.G., Ackley, D.H., Forrest, S., Stefanovic, D.: Randomized instruction set emulation. ACM Transactions on Information Systems Security 8, 3–40 (2005)

    Article  Google Scholar 

  15. Baratloo, A., Singh, N., Tsai, T.: Transparent run-time defense against stack smashing attacks. In: Proceedings of the USENIX Annual Technical Conference, pp. 251–262. USENIX (2000)

    Google Scholar 

  16. Liang, Z., Sekar, R., DuVarney, D.C.: Automatic synthesis of filters to discard buffer overflow attacks: A step towards self-healing systems. In: Usenix 2005 Annual Technical Conference, pp. 375–378 (2005)

    Google Scholar 

  17. Ruwase, O., Lam, M.: A practical dynamic buffer overflow detector. In: Proceedings of the Network and Distributed System Security (NDSS) Symposium, pp. 159–169 (2004)

    Google Scholar 

  18. Kc, G.S., Keromytis, A.D., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: CCS 2003: Proceedings of the 10th ACM conference on Computer and communications security, pp. 272–280. ACM Press, New York (2003)

    Google Scholar 

  19. Cowan, C., Barringer, M., Beattie, S., Kroah-Hartman, G., Frantzen, M., Lokier, J.: FormatGuard: Automatic protection from printf format string vulnerabilities. In: Proceedings of 10th USENIX Security Symposium, pp. 191–200 (2001)

    Google Scholar 

  20. Cowan, C., Pu, C., Maier, D., Hinton, H., Bakke, P., Beattie, S., Grier, A., Wagle, P., Zhang, Q.: Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX Security Symposium. pp. 26–29. USENIX (1998)

    Google Scholar 

  21. Necula, G.C., McPeak, S., Weimer, W.: Ccured: Type-safe retrofitting of legacy code. In: POPL 2002: Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 128–139. ACM Press, New York (2002)

    Google Scholar 

  22. Akritidis, P., Cadar, C., Raiciu, C., Costa, M., Castro, M.: Preventing memory error exploits with wit. In: IEEE Symposium on Security and Privacy, pp. 263–277. IEEE, Los Alamitos (2008)

    Google Scholar 

  23. Bhatkar, S., DuVarney, D.C., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of 12th USENIX Security Symposium, pp. 105–120. USENIX (2003)

    Google Scholar 

  24. Kiriansky, V., Bruening, D., Amarasinghe, S.: Secure execution via program shepherding. In: Proceedings of the 11th USENIX Security Symposium, pp. 191–206. USENIX (2002)

    Google Scholar 

  25. Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control-data attacks are realistic threats. In: Proceedings of the 14th Usenix Security Symposium, pp. 177–192. USENIX (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Virginia, Charlottesville, Virginia, U.S.A.

    Jason D. Hiser, Clark L. Coleman, Michele Co & Jack W. Davidson

Authors
  1. Jason D. Hiser
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Clark L. Coleman
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michele Co
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jack W. Davidson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. University of Trento, Povo (Trento), Italy

    Fabio Massacci

  2. Department of Computer Science, James Madison University, VA 22807, Harrisonburg, USA

    Samuel T. Redwine Jr.

  3. Department of Computer Science, University of Toronto, ON, Canada

    Nicola Zannone

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hiser, J.D., Coleman, C.L., Co, M., Davidson, J.W. (2009). MEDS: The Memory Error Detection System. In: Massacci, F., Redwine, S.T., Zannone, N. (eds) Engineering Secure Software and Systems. ESSoS 2009. Lecture Notes in Computer Science, vol 5429. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00199-4_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-00199-4_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-00198-7

  • Online ISBN: 978-3-642-00199-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation