Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector

@article{Bosman2016DedupEM,
  title={Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector},
  author={Erik Bosman and Kaveh Razavi and Herbert Bos and Cristiano Giuffrida},
  journal={2016 IEEE Symposium on Security and Privacy (SP)},
  year={2016},
  pages={987-1004}
}
Memory deduplication, a well-known technique to reduce the memory footprint across virtual machines, is now also a default-on feature inside the Windows 8.1 and Windows 10 operating systems. Deduplication maps multiple identical copies of a physical page onto a single shared copy with copy-on-write semantics. As a result, a write to such a shared page triggers a page fault and is thus measurably slower than a write to a normal page. Prior work has shown that an attacker able to craft pages on… CONTINUE READING
Highly Cited
This paper has 68 citations. REVIEW CITATIONS
50 Citations
40 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 50 extracted citations

69 Citations

01020302015201620172018
Citations per Year
Semantic Scholar estimates that this publication has 69 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 40 references

Bypass control flow guard comprehensively

  • Zhang Yunhai
  • In Black Hat USA,
  • 2015
1 Excerpt

Similar Papers

Loading similar papers…