Top of the Heap: Efficient Memory Error Protection for Many Heap Objects
Exploits against heap memory errors continue to be a major concern. Although
many defenses have been proposed, heap data are not protected from attacks that
exploit memory errors systematically. Research defenses focus on complete
coverage of heap objects, often giving up on comprehensive memory safety
protection and/or incurring high costs in performance overhead and memory
usage. In this paper, we propose a solution for heap memory safety enforcement
that aims to provide comprehensive protection from memory errors efficiently by
protecting those heap objects whose accesses are provably safe from memory
errors. Specifically, we present the Uriah system that statically validates
spatial and type memory safety for heap objects, isolating compliant objects on
a safe heap that enforces temporal type safety to prevent attacks on memory
reuse. Using Uriah, 71.9% of heap allocation sites can be shown to produce
objects (73% of allocations are found safe) that satisfy spatial and type
safety, which are then isolated using Uriah's heap allocator from memory
accesses via unsafe heap objects. Uriah only incurs 2.9% overhead and only uses
9.3% more memory on SPEC CPU2006 (C/C++) benchmarks, showing that many heap
objects can be protected from all classes of memory errors efficiently.

AdLER: Adversarial Training with Label Error Rectification for One-Shot Medical Image Segmentation
Accurate automatic segmentation of medical images typically requires large
datasets with high-quality annotations, making it less applicable in clinical
settings due to limited training data. One-shot segmentation based on learned
transformations (OSSLT) has shown promise when labeled data is extremely
limited, typically including unsupervised deformable registration, data
augmentation with learned registration, and segmentation learned from augmented
data. However, current one-shot segmentation methods are challenged by limited
data diversity during augmentation, and potential label errors caused by
imperfect registration. To address these issues, we propose a novel one-shot
medical image segmentation method with adversarial training and label error
rectification (AdLER), with the aim of improving the diversity of generated
data and correcting label errors to enhance segmentation performance.
Specifically, we implement a novel dual consistency constraint to ensure
anatomy-aligned registration that lessens registration errors. Furthermore, we
develop an adversarial training strategy to augment the atlas image, which
ensures both generation diversity and segmentation robustness. We also propose
to rectify potential label errors in the augmented atlas images by estimating
segmentation uncertainty, which can compensate for the imperfect nature of
deformable registration and improve segmentation authenticity. Experiments on
the CANDI and ABIDE datasets demonstrate that the proposed AdLER outperforms
previous state-of-the-art methods by 0.7% (CANDI), 3.6% (ABIDE "seen"), and
4.9% (ABIDE "unseen") in segmentation based on Dice scores, respectively. The
source code will be available at https://github.com/hsiangyuzhao/AdLER

You Do (Not) Belong Here: Detecting DPI Evasion Attacks with Context Learning
As Deep Packet Inspection (DPI) middleboxes become increasingly popular, a
spectrum of adversarial attacks have emerged with the goal of evading such
middleboxes. Many of these attacks exploit discrepancies between the middlebox
network protocol implementations, and the more rigorous/complete versions
implemented at end hosts. These evasion attacks largely involve subtle
manipulations of packets to cause different behaviours at DPI and end hosts, to
cloak malicious network traffic that is otherwise detectable. With recent
automated discovery, it has become prohibitively challenging to manually curate
rules for detecting these manipulations. In this work, we propose CLAP, the
first fully-automated, unsupervised ML solution to accurately detect and
localize DPI evasion attacks. By learning what we call the packet context,
which essentially captures inter-relationships across both (1) different
packets in a connection; and (2) different header fields within each packet,
from benign traffic traces only, CLAP can detect and pinpoint packets that
violate the benign packet contexts (which are the ones that are specially
crafted for evasion purposes). Our evaluations with 73 state-of-the-art DPI
evasion attacks show that CLAP achieves an Area Under the Receiver Operating
Characteristic Curve (AUC-ROC) of 0.963, an Equal Error Rate (EER) of only
0.061 in detection, and an accuracy of 94.6% in localization. These results
suggest that CLAP can be a promising tool for thwarting DPI evasion attacks.
Comment: 12 pages, 12 figures; accepted to ACM CoNEXT 202

Uni-COAL: A Unified Framework for Cross-Modality Synthesis and Super-Resolution of MR Images
Cross-modality synthesis (CMS), super-resolution (SR), and their combination
(CMSR) have been extensively studied for magnetic resonance imaging (MRI).
Their primary goals are to enhance the imaging quality by synthesizing the
desired modality and reducing the slice thickness. Despite the promising
synthetic results, these techniques are often tailored to specific tasks,
thereby limiting their adaptability to complex clinical scenarios. Therefore,
it is crucial to build a unified network that can handle various image
synthesis tasks with arbitrary requirements of modality and resolution
settings, so that the resources for training and deploying the models can be
greatly reduced. However, none of the previous works is capable of performing
CMS, SR, and CMSR using a unified network. Moreover, these MRI reconstruction
methods often treat alias frequencies improperly, resulting in suboptimal
detail restoration. In this paper, we propose a Unified Co-Modulated Alias-free
framework (Uni-COAL) to accomplish the aforementioned tasks with a single
network. The co-modulation design of the image-conditioned and stochastic
attribute representations ensures the consistency between CMS and SR, while
simultaneously accommodating arbitrary combinations of input/output modalities
and thickness. The generator of Uni-COAL is also designed to be alias-free
based on the Shannon-Nyquist signal processing framework, ensuring effective
suppression of alias frequencies. Additionally, we leverage the semantic prior
of Segment Anything Model (SAM) to guide Uni-COAL, ensuring a more authentic
preservation of anatomical structures during synthesis. Experiments on three
datasets demonstrate that Uni-COAL outperforms the alternatives in CMS, SR, and
CMSR tasks for MR images, which highlights its generalizability to wide-range
applications.

Off-Path TCP Exploits of the Mixed IPID Assignment
In this paper, we uncover a new off-path TCP hijacking attack that can be
used to terminate victim TCP connections or inject forged data into victim TCP
connections by manipulating the new mixed IPID assignment method, which is
widely used in Linux kernel version 4.18 and beyond to help defend against TCP
hijacking attacks. The attack has three steps. First, an off-path attacker can
downgrade the IPID assignment for TCP packets from the more secure
per-socket-based policy to the less secure hash-based policy, building a shared
IPID counter that forms a side channel on the victim. Second, the attacker
detects the presence of TCP connections by observing the shared IPID counter on
the victim. Third, the attacker infers the sequence number and the
acknowledgment number of the detected connection by observing the side channel
of the shared IPID counter. Consequently, the attacker can completely hijack
the connection, i.e., resetting the connection or poisoning the data stream.
We evaluate the impacts of this off-path TCP attack in the real world. Our
case studies of SSH DoS, manipulating web traffic, and poisoning BGP routing
tables show its threat on a wide range of applications. Our experimental
results show that our off-path TCP attack can be constructed within 215 seconds
and the success rate is over 88%. Finally, we analyze the root cause of the
exploit and develop a new IPID assignment method to defeat this attack. We
prototype our defense in Linux 4.18 and confirm its effectiveness through
extensive evaluation over real applications on the Internet.