HAIT: Heap Analyzer with Input Tracing

Andrea Atzeni; Andrea Marcelli; Francesco Muroni; Giovanni Squillero

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

HAIT: Heap Analyzer with Input Tracing

Topics: Software Security

In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications - Volume 0ICETE, 327-334, 2017 , Madrid, Spain

Authors: Andrea Atzeni ¹ ; Andrea Marcelli ¹ ; Francesco Muroni ² and Giovanni Squillero ¹

Affiliations: ¹ Politecnico di Torino, Italy ; ² Independent Scholar, Italy

Keyword(s): Heap, Exploit, Memory Profiler, Dynamic Symbolic Execution, Taint Analysis.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Software Security

Abstract: Heap exploits are one of the most advanced, complex and frequent types of attack. Over the years, many effective techniques have been developed to mitigate them, such as data execution prevention, address space layout randomization and canaries. However, if both knowledge and control of the memory allocation are available, heap spraying and other attacks are still feasible. This paper presents HAIT, a memory profiler that records critical operations on the heap and shows them graphically in a clear and comprehensible format. A prototype was implemented on top of Triton, a framework for dynamic binary analysis. The experimental evaluation demonstrates that HAIT can help identifying the essential information needed to carry out heap exploits, providing valuable knowledge for an effective attack.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.23.92.53

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Atzeni, A.; Marcelli, A.; Muroni, F. and Squillero, G. (2017). HAIT: Heap Analyzer with Input Tracing. In Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT; ISBN 978-989-758-259-2; ISSN 2184-3236, SciTePress, pages 327-334. DOI: 10.5220/0006420803270334

@conference{secrypt17,
author={Andrea Atzeni. and Andrea Marcelli. and Francesco Muroni. and Giovanni Squillero.},
title={HAIT: Heap Analyzer with Input Tracing},
booktitle={Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT},
year={2017},
pages={327-334},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006420803270334},
isbn={978-989-758-259-2},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - SECRYPT
TI - HAIT: Heap Analyzer with Input Tracing
SN - 978-989-758-259-2
IS - 2184-3236
AU - Atzeni, A.
AU - Marcelli, A.
AU - Muroni, F.
AU - Squillero, G.
PY - 2017
SP - 327
EP - 334
DO - 10.5220/0006420803270334
PB - SciTePress