Securing UnSafe Rust Programs with XRust (ICSE 2020 - Technical Papers) - ICSE 2020

Write a Blog >>

Wed 24 June - Thu 16 July 2020

Who

Peiming Liu, Gang Zhao, Jeff Huang

Track

ICSE 2020 Technical Papers

Time Zone

The program is currently displayed in (UTC) Coordinated Universal Time.

Use conference time zone: (UTC) Coordinated Universal TimeSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

When

Thu 9 Jul 2020 01:37 - 01:49 at Baekje - P16-Security and Learning Chair(s): Lingming Zhang

Abstract

Rust is a promising systems programming language that embraces both high-level memory safety and low-level resource manipulation. However, the dark side of Rust, unsafe Rust, leaves a large security hole as it bypasses the Rust type system in order to support low-level operations. Recently, several real-world memory corruption vulnerabilities have been discovered in Rust’s standard libraries.

We present XRust, a new technique that mitigates the security threat of unsafe Rust by ensuring the integrity of data flow from unsafe Rust code to safe Rust code. The cornerstone of XRust is a novel heap allocator that isolates the memory of unsafe Rust from that accessed only in safe Rust, and prevents any cross-region memory corruption. Our design of XRust supports both single- and multi-threaded Rust programs. Our extensive experiments on real-world Rust applications and standard libraries show that XRust is both highly efficient and effective in practice.

Peiming Liu

Texas A&M University

Gang Zhao

Texas A&m University

Jeff Huang

Texas A&M University

Time Zone

The program is currently displayed in (UTC) Coordinated Universal Time.

Use conference time zone: (UTC) Coordinated Universal TimeSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Session Program

Thu 9 Jul
Displayed time zone: (UTC) Coordinated Universal Time change

	01:05 - 02:05	P16-Security and LearningTechnical Papers / Journal First at Baekje Chair(s): Lingming Zhang The University of Texas at Dallas

	01:05 12m Talk		Software Visualization and Deep Transfer Learning for Effective Software Defect PredictionTechnical Technical Papers Jinyin Chen College of Information Engineering, Zhejiang University of Technology, Hangzhou 310023, China, Keke Hu College of Information Engineering, Zhejiang University of Technology, Hangzhou 310023, China, Yue Yu College of Computer, National University of Defense Technology, Changsha 410073, China, Zhuangzhi Chen College of Information Engineering, Zhejiang University of Technology, Hangzhou 310023, China, Qi Xuan Institute of Cyberspace Security, Zhejiang University of Technology, Hangzhou 310023, China, Yi Liu Institute of Process Equipment and Control Engineering, Zhejiang University of Technology, Hangzhou 310023, China, Vladimir Filkov University of California at Davis, USA
	01:17 8m Talk		Easy-to-Deploy API Extraction by Multi-Level Feature Embedding and Transfer LearningJ1 Journal First Suyu Ma Monash University, Zhenchang Xing Australia National University, Chunyang Chen Monash University, Cheng Chen PricewaterhouseCoopers Firm, Lizhen Qu Monash University, Guoqiang Li Shanghai Jiao Tong University
	01:25 12m Talk		How Does Misconfiguration of Analytic Services Compromise Mobile Privacy?Technical Technical Papers Xueling Zhang University of Texas at San Antonio, Xiaoyin Wang University of Texas at San Antonio, USA, Rocky Slavin University of Texas at San Antonio, Travis Breaux Carnegie Mellon University, Jianwei Niu University of Texas at San Antonio
	01:37 12m Talk		Securing UnSafe Rust Programs with XRustTechnical Technical Papers Peiming Liu Texas A&M University, Gang Zhao Texas A&m University, Jeff Huang Texas A&M University
	01:49 12m Talk		Is Rust Used Safely by Software Developers?Technical Technical Papers Ana Nora Evans University of Virginia, USA, Bradford Campbell University of Virginia, Mary Lou Soffa University of Virginia