DATAEvictor: To reduce the leakage of sensitive data targeting multiple memory copies and data lifetimes

Abstract

In modern operating systems, when a process terminates, the data still remain in the memory for an uncertain time. In addition, encryption is insufficient because the keys may be leaked through some compulsory means. In this paper, we present a novel OS-level approach called DATAEvictor, which thoroughly and timely evicts the sensitive data not only in the user stack, heap, kernel stack, but also in page cache, kernel buffer, slab objects and virtual memory swap when the process terminates. It aims to cut short the lifetime of sensitive data in memory as early as possible, so as to reduce the possibility of these data being leaked. DATAEvictor provides a “private mode” execution for any application according to user requirements, and just needs an appropriate code extension to the Linux kernel sources. The results of performance evaluation show that the implementation of DATAEvictor only results in a reasonable system performance loss.

Cite

Zhu, M., Tu, B., You, R., Li, Y., & Meng, D. (2015). DATAEvictor: To reduce the leakage of sensitive data targeting multiple memory copies and data lifetimes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9473, pp. 328–345). Springer Verlag. https://doi.org/10.1007/978-3-319-27998-5_21
