Timely address space rerandomization for resisting code reuse attacks. (2nd December 2016)
- Record Type:
- Journal Article
- Title:
- Timely address space rerandomization for resisting code reuse attacks. (2nd December 2016)
- Main Title:
- Timely address space rerandomization for resisting code reuse attacks
- Authors:
- Chen, Xiaoquan
Xue, Rui
Wu, Chuankun - Other Names:
- Qi Heng guestEditor.
Dong Manxiong guestEditor.
Wang Xiaofei guestEditor.
Ren Jianji guestEditor. - Abstract:
- Summary: The major weakness of address space layout randomization is the address space of the program being randomized only once at loading. Therefore, it cannot prevent those advanced code reuse attacks, such as just‐in‐time return‐oriented programming. In view of this situation, we propose an instantaneous and continual address space rerandomization approach, called just‐in‐time address space rerandomization (JIT‐ASR) to thwart the attack. The JIT‐ASR uses the virtual memory management and can ceaselessly change the program's address space by modifying the virtual page number of the code address and page table at runtime. In this way, the address space of the program will change continually. This mechanism will make the addresses used by the attacker become stale, and the attack payload cannot be performed successfully. To demonstrate the effectiveness and efficiency of JIT‐ASR, we apply it to SPEC CPU2006 benchmark suite. The evaluation results and security analysis show that JIT‐ASR can resist the code reuse attacks, especially just‐in‐time return‐oriented programming, and yield low runtime performance overhead (1.2% on average on the SPEC CPU2006 benchmark).
- Is Part Of:
- Concurrency and computation. Volume 29:Number 16(2017)
- Journal:
- Concurrency and computation
- Issue:
- Volume 29:Number 16(2017)
- Issue Display:
- Volume 29, Issue 16 (2017)
- Year:
- 2017
- Volume:
- 29
- Issue:
- 16
- Issue Sort Value:
- 2017-0029-0016-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2016-12-02
- Subjects:
- ASLR -- code reuse attacks -- JIT‐ASR -- JIT‐ROP
Parallel processing (Electronic computers) -- Periodicals
Parallel computers -- Periodicals
004.35 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/cpe.3965 ↗
- Languages:
- English
- ISSNs:
- 1532-0626
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3405.622000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 2801.xml