Litcius/Paper detail

PACMAN

Joseph Ravichandran, Weon Taek Na, Jay Lang, Mengjia Yan

202261 citationsDOIOpen Access PDF

Abstract

This paper studies the synergies between memory corruption vulnerabilities and speculative execution vulnerabilities. We leverage speculative execution attacks to bypass an important memory protection mechanism, ARM Pointer Authentication, a security feature that is used to enforce pointer integrity. We present PACMAN, a novel attack methodology that speculatively leaks PAC verification results via micro-architectural side channels without causing any crashes. Our attack removes the primary barrier to conducting control-flow hijacking attacks on a platform protected using Pointer Authentication.

Topics & Concepts

Computer sciencePointer (user interface)Computer securityLeverage (statistics)Memory safetyPasswordEmbedded systemOperating systemComputer hardwareCompilerMachine learningSecurity and Verification in ComputingDistributed systems and fault toleranceAdvanced Malware Detection Techniques
PACMAN | Litcius