
CleanStack: A New Dual-Stack for Defending Against Stack-Based Memory Corruption Attacks

Main: 9 pages, 2 figures; bibliography: 1 page
Abstract

Stack-based memory corruption vulnerabilities have long been exploited by attackers to execute arbitrary code or perform unauthorized memory operations. Various defense mechanisms have been introduced to mitigate stack memory errors, but they typically focus on specific attack types, incur substantial performance overhead, or suffer from compatibility issues. In this paper, we present CleanStack, an efficient, highly compatible, and comprehensive stack protection mechanism. CleanStack isolates stack objects influenced by external input from the other, safe stack objects, thereby preventing attackers from modifying return addresses via controlled stack objects. Additionally, by randomizing the placement of tainted stack objects within the Unclean Stack, CleanStack mitigates non-control-data attacks by preventing attackers from predicting the stack layout. A key component of CleanStack is the identification of tainted stack objects. We analyze both static program analysis and heuristic methods for this purpose. To maximize compatibility, we adopt a heuristic approach and implement CleanStack within the LLVM compiler framework, applying it to the SPEC CPU2017 benchmarks and a real-world program. Our security evaluation demonstrates that CleanStack significantly reduces the exploitability of stack-based memory errors by providing a dual-stack system with isolation and randomization. Performance evaluation results indicate that CleanStack incurs an execution overhead of only 1.73% on the SPEC CPU2017 benchmark while introducing a minimal memory overhead of just 0.04%. Compared to existing stack protection techniques, CleanStack achieves an optimal balance between protection coverage, runtime overhead, and compatibility, making it one of the most comprehensive and efficient stack security solutions to date.
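The isolation and randomization described in the abstract, as an added illustration that is not CleanStack's own code (CleanStack is an LLVM compiler pass; this is a hand-written simulation in plain C). It models the clean and unclean stacks as byte arrays so that the overflow is well-defined and observable: an unbounded copy of attacker input into an input-tainted buffer overwrites the saved return address in the conventional single-stack layout, but cannot reach it once the tainted buffer lives on a separate region, and the buffer's slot within that region varies with the seed. The stack sizes, the sentinel return address, the LCG used for placement and the payload are all assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_SIZE   256                     /* bytes per simulated stack (assumed) */
#define BUF_SIZE     16                      /* the input-tainted local buffer */
#define RET_SENTINEL 0x4141414141414141ULL   /* stands in for a saved return address */
#define OVERFLOW_LEN 24                      /* 8 bytes past the end of the buffer */

/* A simulated stack: a byte array with a stack pointer that grows downward,
 * as on x86-64. All writes stay inside mem[], so the simulation is defined C. */
typedef struct {
    unsigned char mem[STACK_SIZE];
    size_t sp;
} sim_stack;

static void stack_init(sim_stack *s) { memset(s->mem, 0, STACK_SIZE); s->sp = STACK_SIZE; }

/* Reserve n bytes below the stack pointer (a local object); return its offset. */
static size_t alloc_local(sim_stack *s, size_t n) { s->sp -= n; return s->sp; }

/* Push an 8-byte value such as the return address pushed by a call. */
static size_t push_u64(sim_stack *s, uint64_t v) {
    size_t off = alloc_local(s, sizeof v);
    memcpy(s->mem + off, &v, sizeof v);
    return off;
}

static uint64_t read_u64(const sim_stack *s, size_t off) {
    uint64_t v;
    memcpy(&v, s->mem + off, sizeof v);
    return v;
}

/* The bug under study: an unbounded copy of external input into a fixed-size
 * local buffer. The write is clamped to the simulated region only so that the
 * simulation stays well-defined; a real overflow has no such limit. */
static void unbounded_copy(sim_stack *s, size_t buf_off,
                           const unsigned char *in, size_t in_len) {
    if (in_len > STACK_SIZE - buf_off) in_len = STACK_SIZE - buf_off;
    memcpy(s->mem + buf_off, in, in_len);
}

/* Attacker input constructed for this example: OVERFLOW_LEN bytes of 0x42. */
const unsigned char *overflow_payload(void) {
    static unsigned char p[OVERFLOW_LEN];
    memset(p, 0x42, sizeof p);
    return p;
}

/* Conventional layout: the return address and the tainted buffer share one
 * stack. Returns the saved return address after the copy. */
uint64_t single_stack_ret_after_copy(const unsigned char *in, size_t in_len) {
    sim_stack st;
    stack_init(&st);
    size_t ret_off = push_u64(&st, RET_SENTINEL);  /* pushed by the call      */
    size_t buf_off = alloc_local(&st, BUF_SIZE);   /* reserved by the prologue */
    unbounded_copy(&st, buf_off, in, in_len);      /* runs upward into ret_off */
    return read_u64(&st, ret_off);
}

/* Where the tainted buffer lands on the Unclean Stack for a given seed: a
 * random amount of padding is reserved first, so neither the buffer's offset
 * nor its distance to neighbouring tainted objects is predictable. A fixed
 * LCG stands in for a real entropy source (an assumption of this example). */
static size_t unclean_buf_offset(sim_stack *unclean, unsigned seed) {
    seed = seed * 1103515245u + 12345u;
    size_t pad = (seed >> 16) % (STACK_SIZE / 2 - BUF_SIZE);
    alloc_local(unclean, pad);
    return alloc_local(unclean, BUF_SIZE);
}

/* Convenience wrapper: the buffer offset chosen on a fresh unclean stack. */
size_t unclean_slot_for_seed(unsigned seed) {
    sim_stack u;
    stack_init(&u);
    return unclean_buf_offset(&u, seed);
}

/* Dual-stack layout: the return address stays on the clean stack while the
 * input-tainted buffer is placed on the unclean stack. Returns the saved
 * return address after the copy. */
uint64_t dual_stack_ret_after_copy(const unsigned char *in, size_t in_len, unsigned seed) {
    sim_stack clean, unclean;
    stack_init(&clean);
    stack_init(&unclean);
    size_t ret_off = push_u64(&clean, RET_SENTINEL);
    size_t buf_off = unclean_buf_offset(&unclean, seed);
    unbounded_copy(&unclean, buf_off, in, in_len);  /* never leaves the unclean region */
    return read_u64(&clean, ret_off);
}

int main(void) {
    const unsigned char *p = overflow_payload();
    printf("single stack: ret = 0x%016llx\n",
           (unsigned long long)single_stack_ret_after_copy(p, OVERFLOW_LEN));
    printf("dual stack  : ret = 0x%016llx\n",
           (unsigned long long)dual_stack_ret_after_copy(p, OVERFLOW_LEN, 7));
    printf("unclean slot: seed 1 -> %zu, seed 2 -> %zu\n",
           unclean_slot_for_seed(1), unclean_slot_for_seed(2));
    return 0;
}
```

The simulation shows only the control-data half of the argument: moving tainted objects off the clean stack takes the return address out of reach of any overflow of those objects, while randomized placement on the unclean stack is what denies an attacker a predictable layout for non-control-data attacks. It says nothing about how a tainted object is identified, which is the heuristic the paper evaluates separately.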
