Embodiments of the inventive concept described herein relate to memory alignment randomization methods for mitigating memory heap exploits, and more particularly to methods of randomly aligning objects inside heap areas (heap memory) in order to mitigate exploitation of memory-safety vulnerabilities in the software heap.
According to 2016 data from MITRE, the organization that maintains the CVE and CWE databases, 30% of recent software exploits go through the heap area of memory. Software exploits are the most important technique for distributing malicious code, and are the field in which most security experts and system hackers are most interested. Recently, various exploit mitigation techniques that prevent attackers from carrying out heap exploits have been discussed in academia and introduced to the market. Representative examples are the Isolated Heap added to Microsoft Internet Explorer in 2014 and the non-deterministic Low Fragmentation Heap (LFH) introduced with Windows 8. Similar techniques have also been developed for Adobe Flash, Google Chrome, and the like.
Among exploit mitigation techniques, the most frequently used is to change the layout of memory randomly every time a program runs. In academia, many prior studies have been conducted on randomly changing the memory positions of objects inside heap areas, and corresponding techniques have been developed. However, all of those studies and techniques have so far concentrated on randomizing the distance between objects inside a heap area, that is, the relative positions of the objects. In other words, in conventional approaches, even when the memory positions of objects are randomized, the start addresses of the objects remain aligned according to the central processing unit (CPU) configuration (at multiples of 4 on a 32-bit CPU, or multiples of 8 on a 64-bit CPU).
This is because the granularity at which the CPU accesses memory over the bus is a multiple of 4 or 8 bytes rather than 1 byte. Accordingly, the CPU delivers its best performance when it accesses a memory address aligned at a multiple of 4 or 8. Intel's technical documents in the past stated that an unaligned memory access could be up to twice as slow as an aligned one. For that reason, no prior study has proposed a mitigation that aligns memory randomly instead of at multiples of 4 or 8. Recently, however, Intel's CISC microarchitectures have largely removed this penalty: an unaligned access that stays within a single cache line costs about the same as an aligned one. Accordingly, the inventive concept shows that memory alignment randomization can be an effective mitigation against heap exploits.
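The difference between the conventional layout (objects randomly spaced but always word-aligned) and the alignment-randomized layout proposed here, simulated with a toy bump allocator. This is an added example, not code from the patent; the arena, the victim struct with a leading code pointer, the attacker model (a linear overflow that writes 8 bytes at the offset where a word-aligned heap would place the victim's pointer) and the seeded xorshift PRNG are assumptions of the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORD       8     /* pointer size and conventional heap alignment on a 64-bit CPU */
#define ARENA_SIZE 8192

/* Deterministic xorshift64* so the simulation is reproducible. A production allocator
 * would draw its shift from the OS CSPRNG (e.g. getrandom()) instead. */
static uint64_t prng_state = 0x9E3779B97F4A7C15ULL;

void prng_seed(uint64_t seed) { prng_state = seed ? seed : 0x9E3779B97F4A7C15ULL; }

static unsigned prng_below_word(void) {
    uint64_t x = prng_state;
    x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
    prng_state = x;
    return (unsigned)((x * 0x2545F4914F6CDD1DULL) >> 61);   /* top 3 bits: 0..7 */
}

/* Toy bump allocator over a fixed arena (hypothetical, for illustration only).
 * Conventional mode rounds every start address up to a multiple of WORD, as real
 * allocators do; randomized mode instead shifts each start by r in [0, WORD), so the
 * start address is word-aligned only with probability 1/WORD. */
typedef struct { unsigned char buf[ARENA_SIZE]; size_t top; int randomize; } arena_t;

void arena_init(arena_t *a, int randomize) {
    memset(a->buf, 0, sizeof a->buf);
    a->top = 0;
    a->randomize = randomize;
}

unsigned char *arena_alloc(arena_t *a, size_t size) {
    size_t start = a->randomize
        ? a->top + prng_below_word()                          /* byte-granular, random */
        : (a->top + WORD - 1) & ~(size_t)(WORD - 1);          /* classic word alignment */
    if (start + size > ARENA_SIZE) return NULL;
    a->top = start + size;
    return a->buf + start;
}

/* Victim object whose first field is a code pointer (think: vtable pointer). */
typedef struct { uint64_t fn; uint64_t payload[2]; } victim_t;

/* Outcome of one overflow attempt against the victim's pointer field. */
enum { MISS = 0, EXACT_HIT = 1, PARTIAL = 2 };

/* The attacker owns buffer A (24 bytes) with a linear overflow and, assuming the
 * conventional layout, expects the victim's pointer field to sit exactly 24 bytes past
 * A. They therefore write 8 bytes at A+24. */
int attempt(arena_t *a, uint64_t forged) {
    unsigned char *A = arena_alloc(a, 24);
    unsigned char *B = arena_alloc(a, sizeof(victim_t));
    if (!A || !B) return MISS;
    memcpy(A + 24, &forged, sizeof forged);   /* the overflow write */
    uint64_t fn;
    memcpy(&fn, B, sizeof fn);                /* read the (possibly unaligned) field safely */
    if (fn == forged) return EXACT_HIT;       /* attacker controls the pointer */
    return fn != 0 ? PARTIAL : MISS;          /* shifted bytes: garbage pointer, crash */
}

typedef struct { int exact, partial, miss; } tally_t;

/* Repeat the attempt on fresh arenas and count outcomes. */
tally_t run_trials(int randomize, int trials, uint64_t seed) {
    tally_t t = {0, 0, 0};
    static arena_t a;                         /* static: keep the 8 KiB arena off the stack */
    prng_seed(seed);
    for (int i = 0; i < trials; i++) {
        arena_init(&a, randomize);
        switch (attempt(&a, 0x4141414141414141ULL)) {
            case EXACT_HIT: t.exact++;   break;
            case PARTIAL:   t.partial++; break;
            default:        t.miss++;    break;
        }
    }
    return t;
}

/* How many distinct values of (start address mod WORD) do n allocations produce?
 * A conventional allocator yields exactly 1 (always 0); a randomized one yields WORD. */
int count_start_residues(int randomize, int n, uint64_t seed) {
    static arena_t a;
    int seen[WORD] = {0}, distinct = 0;
    prng_seed(seed);
    arena_init(&a, randomize);
    for (int i = 0; i < n; i++) {
        unsigned char *p = arena_alloc(&a, 24);
        if (!p) break;
        size_t res = (size_t)(p - a.buf) % WORD;
        if (!seen[res]) { seen[res] = 1; distinct++; }
    }
    return distinct;
}

int main(void) {
    for (int mode = 0; mode < 2; mode++) {
        tally_t t = run_trials(mode, 1000, 12345);
        printf("%-22s residues=%d exact=%d partial=%d miss=%d\n",
               mode ? "alignment-randomized:" : "word-aligned:",
               count_start_residues(mode, 200, 12345), t.exact, t.partial, t.miss);
    }
    return 0;
}
```

In word-aligned mode every attempt lands exactly on the pointer field, so the attacker gets full control of it. In alignment-randomized mode the field starts at one of 8 byte offsets, so the same write hits it exactly only about one time in 8 and otherwise leaves a partially overwritten, unusable pointer, which in a real process means a crash rather than a hijack; an attacker would have to guess the alignment of every object they touch, not just the distance between objects. Two caveats a practitioner should keep in mind: the code deliberately reads the unaligned field with memcpy, because dereferencing a misaligned `uint64_t *` is undefined behaviour in C and faults on strict-alignment targets and on aligned SSE instructions (for example `movaps`) even on x86; and the performance argument above holds only for accesses that do not straddle a cache line or page boundary, which an allocator that shifts objects by arbitrary byte counts will sometimes produce.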
Korean Patent Registration No. 1445634 is cited as prior art.