Friday, June 5, 2015

PAPER: Memory Errors: The Past, the Present, and the Future

Despite my long inactivity on the blog, it's true that behind the scene I'm still active.
Recently among the other I read a paper that need some attention: Memory Errors: The Past, the Present, and the Future

Victor van der Veen† , Nitish dutt-Sharma† , Lorenzo Cavallaro†,∗ Herbert Bos† †The Network Institute, VU University Amsterdam ∗Royal Holloway, University of London

Memory error exploitations have been around for over 25 years and still rank among the top 3 most dangerous software errors. Why haven’t we been able to stop them? Given the host of security measures on modern machines, are we less vulnerable than before, and can we expect to eradicate memory error problems in the near future? In this paper, we present a quarter century worth of memory errors: attacks, defenses, and statistics. A historical overview provides insight in past trends and developments, while an investigation of real-world vulnerabilities and exploits allows us to speculate on the significance of memory errors in the foreseeable future.