Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization

2013 ◽  
Author(s):  
K. Z. Snow ◽  
F. Monrose ◽  
L. Davi ◽  
A. Dmitrienko ◽  
C. Liebchen ◽  
...  
Keyword(s):  
Just In Time ◽  
Address Space ◽  
Time Code ◽  
Code Reuse ◽  
Fine Grained ◽  
Space Layout ◽  
Address Space Layout Randomization

scholarly journals Fine-grained address space layout randomization on program load

2017 ◽  
Vol 29 (6) ◽  
pp. 163-182
Author(s):  
A.R. Nurmukhametov ◽  
E.A. Zhabotinskiy ◽  
Sh. F. Kurmangaleev ◽  
S.S. Gaissaryan ◽  
A.V. Vishnyakov
Keyword(s):  
Address Space ◽  
Fine Grained ◽  
Program Load ◽  
Space Layout ◽  
Address Space Layout Randomization

Fine-Grained Address Space Layout Randomization on Program Load

2018 ◽  
Vol 44 (5) ◽  
pp. 363-370 ◽  
Author(s):  
A. R. Nurmukhametov ◽  
E. A. Zhabotinskiy ◽  
Sh. F. Kurmangaleev ◽  
S. S. Gaissaryan ◽  
A. V. Vishnyakov
Keyword(s):  
Address Space ◽  
Fine Grained ◽  
Program Load ◽  
Space Layout ◽  
Address Space Layout Randomization

scholarly journals Kernel Protection Against Just-In-Time Code Reuse

2019 ◽  
Vol 22 (1) ◽  
pp. 1-28 ◽  
Author(s):  
Marios Pomonis ◽  
Theofilos Petsios ◽  
Angelos D. Keromytis ◽  
Michalis Polychronakis ◽  
Vasileios P. Kemerlis
Keyword(s):  
Just In Time ◽  
Time Code ◽  
Code Reuse

scholarly journals Address Space Layout Randomization Comparative Analysis on Windows 10 and Ubuntu 18.04 LTS

2021 ◽  
Vol 7 (1) ◽  
pp. 26
Author(s):  
Raquel Vázquez Díaz ◽  
Martiño Rivera-Dourado ◽  
Rubén Pérez-Jove ◽  
Pilar Vila Avendaño ◽  
José M. Vázquez-Naya
Keyword(s):  
Operating System ◽  
Comparative Analysis ◽  
Operating Systems ◽  
Memory Management ◽  
Address Space ◽  
Memory Protection ◽  
Partial Correlations ◽  
Feature Memory ◽  
Space Layout ◽  
Address Space Layout Randomization

Memory management is one of the main tasks of an Operating System, where the data of each process running in the system is kept. In this context, there exist several types of attacks that exploit memory-related vulnerabilities, forcing Operating Systems to feature memory protection techniques that make difficult to exploit them. One of these techniques is ASLR, whose function is to introduce randomness into the virtual address space of a process. The goal of this work was to measure, analyze and compare the behavior of ASLR on the 64-bit versions of Windows 10 and Ubuntu 18.04 LTS. The results have shown that the implementation of ASLR has improved significantly on these two Operating Systems compared to previous versions. However, there are aspects, such as partial correlations or a frequency distribution that is not always uniform, so it can still be improved.

A Function Level Randomization Technique to Mitigate ROP Attacks

2013 ◽  
Vol 765-767 ◽  
pp. 871-878
Author(s):  
Liang Xiao ◽  
Xun Zhan ◽  
Tao Zheng
Keyword(s):  
Binary Code ◽  
Buffer Overflow ◽  
Target System ◽  
Limited Time ◽  
Brute Force ◽  
Address Space ◽  
Return Oriented Programming ◽  
Space Layout ◽  
Address Space Layout Randomization

ROP (Return-Oriented Programming) is a kind of attack technique which makes use of the existing binary code of target systems. ASLR (Address Space Layout Randomization) is widely used to protect systems from buffer-overflow attacks by introducing artificial diversity to software. With ASLR software can be immune from ROP attacks to some extent. Due to the fact that ASLR cant randomize base addresses of executables code segments and its utility on 32-bit architectures is limited by the number of bits available for address randomization, attackers can successfully exploit a target system by using brute force in limited time. Thus, we proposed FLR, a function level randomization technique to mitigate ROP attacks. FLR randomly permutes functions in executables, making attackers assumptions on executables incorrect. We implemented a prototype of FLR and randomized ten executables. ROP attacks succeeded without FLR and failed with FLR.

scholarly journals Lightweight and Seamless Memory Randomization for Mission-Critical Services in a Cloud Platform

Energies ◽  
2020 ◽  
Vol 13 (6) ◽  
pp. 1332
Author(s):  
Joobeom Yun ◽  
Ki-Woong Park ◽  
Dongyoung Koo ◽  
Youngjoo Shin
Keyword(s):  
Effective Means ◽  
Cloud Platform ◽  
Code Reuse ◽  
Source Codes ◽  
Software Vulnerabilities ◽  
Computing Services ◽  
Fundamental Limitations ◽  
Mission Critical ◽  
Space Layout ◽  
Address Space Layout Randomization

Nowadays, various computing services are often hosted on cloud platforms for their availability and cost effectiveness. However, such services are frequently exposed to vulnerabilities. Therefore, many countermeasures have been invented to defend against software hacking. At the same time, more complicated attacking techniques have been created. Among them, code-reuse attacks are still an effective means of abusing software vulnerabilities. Although state-of-the-art address space layout randomization (ASLR) runtime-based solutions provide a robust way to mitigate code-reuse attacks, they have fundamental limitations; for example, the need for system modifications, and the need for recompiling source codes or restarting processes. These limitations are not appropriate for mission-critical services because a seamless operation is very important. In this paper, we propose a novel ASLR technique to provide memory rerandomization without interrupting the process execution. In addition, we describe its implementation and evaluate the results. In summary, our method provides a lightweight and seamless ASLR for critical service applications.

Address-space layout randomization using code islands

2009 ◽  
Vol 17 (3) ◽  
pp. 331-362 ◽  
Author(s):  
Haizhi Xu ◽  
Steve J. Chapin
Keyword(s):  
Address Space ◽  
Space Layout ◽  
Address Space Layout Randomization
Sign in / Sign up

Export Citation Format

Share Document