10.1145/3460120.3485376
Open access

VIP: Safeguard Value Invariant Property for Thwarting Critical Memory Corruption Attacks

Published: 13 November 2021


Most modern software attacks are rooted in memory corruption vulnerabilities, which are capable of altering security-sensitive data (e.g., function pointers) to unintended values. This paper introduces a new security property, the Value Invariant Property (VIP), and HyperSpace, our prototype that enforces VIP on security-sensitive data. HyperSpace safeguards the integrity of "data values" instead of enforcing control/data flow, allowing for low runtime overhead, yet defeating critical attacks effectively. We implement four representative security policies including Control Flow Integrity (VIP-CFI), Code Pointer Integrity (VIP-CPI), Virtual function Table protection (VIP-VTPtr), and heap metadata protection based on HyperSpace. We evaluate HyperSpace with SPEC CPU2006 benchmarks and real-world applications (NGINX and PostgreSQL) and test how HyperSpace defeats memory corruption-based attacks, including three real-world exploits and six attacks that bypass existing defenses (COOP, heap exploits, etc.). Our experimental evaluation shows that HyperSpace successfully stops all these attacks with low runtime overhead: 0.88% and 6.18% average performance overhead for VIP-CFI and VIP-CPI, respectively, and overall approximately 13.18% memory overhead with VIP-CPI in SPEC CPU2006.


  1. VIP: Safeguard Value Invariant Property for Thwarting Critical Memory Corruption Attacks



      Published In

      CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security
      November 2021
      3558 pages
      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 13 November 2021


      Author Tags

      1. memory corruption attack
      2. value invariant property


      CCS '21
      CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security
      November 15 - 19, 2021
      Virtual Event, Republic of Korea

