TY - GEN
T1 - Sampler
T2 - 51st Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2018
AU - Silvestro, Sam
AU - Liu, Hongyu
AU - Zhang, Tong
AU - Jung, Changhee
AU - Lee, Dongyoon
AU - Liu, Tongping
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/12/12
Y1 - 2018/12/12
N2 - Deployed software is still faced with numerous in-production memory errors. They can significantly affect system reliability and security, causing application crashes, erratic execution behavior, or security attacks. Unfortunately, existing tools cannot be deployed in the production environment, since they either impose significant performance/memory overhead, or can only detect partial errors. This paper presents Sampler, a library that employs the combination of hardware-based SAMPLing and novel heap allocator design to efficiently identify a range of memory ERrors, including buffer overflows, use-After-frees, invalid frees, and double-frees. Due to the stringent Quality of Service (QoS) requirement of production services, Sampler proposes to trade detection effectiveness for performance on each execution. Rather than inspecting every memory access, Sampler proposes the use of the Performance Monitoring Unit (PMU) hardware to sample memory accesses, and only checks the validity of sampled accesses. At the same time, Sampler proposes a novel dynamic allocator supporting fast metadata lookup, and a solution to prevent false alarms potentially caused by sampling. The sampling-based approach, although it may lead to reduced effectiveness on each execution, is suitable for in-production software, since software is generally employed by a large number of individuals, and may be executed many times or over a long period of time. By randomizing the start of the sampling, different executions may sample different sequences of memory accesses, working together to enable effective detection. Experimental results demonstrate that Sampler detects all known memory bugs inside real applications, without any false positive. Sampler only imposes negligible performance overhead (2.4% on average). Sampler is the first work that simultaneously satisfies efficiency, preciseness, completeness, accuracy, and transparency, making it a practical tool for in-production deployment.
KW - PMU
KW - Sampling
KW - Vulnerability Detection
UR - https://www.scopus.com/pages/publications/85060047004
U2 - 10.1109/MICRO.2018.00027
DO - 10.1109/MICRO.2018.00027
M3 - Conference contribution
AN - SCOPUS:85060047004
T3 - Proceedings of the Annual International Symposium on Microarchitecture, MICRO
SP - 231
EP - 244
BT - Proceedings - 51st Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2018
PB - IEEE Computer Society
Y2 - 20 October 2018 through 24 October 2018
ER -