Securely Sharing Randomized Code That Flies
نویسندگان
چکیده
Address space layout randomization was a great role model, being light-weight defense technique that could prevent early return-oriented programming attacks. Simple yet effective, address quickly widely adopted. Conversely, today only trickle of techniques arebeing integrated or adopted mainstream. As code reuse attacks have evolved in complexity, defenses strived to keep up. However, do so, many had take unfavorable tradeoffs like using background threads protecting subset sensitive code. In reality, these were unavoidable steps necessary improve the strength state art. this article, we present Mardu , an on-demand system-wide runtime re-randomization capable scalable protection application as well shared library most forgone. We achieve sharing with diversification by implementing reactive and rather than continuous one-time diversification. Enabling further removes redundant computation tracking patching, along memory overheads required prior techniques. its baseline state, transformations needed for security hardening incur reasonable performance overhead 5.5% on SPEC minimal degradation 4.4% NGINX, demonstrating applicability both compute-intensive real-world applications. Even when under attack, adds from less 1% up 15% depending size complexity.
منابع مشابه
Sharing code
Sharing code is becoming increasingly important in the wake of Open Science. In this review I describe and compare two popular code-sharing utilities, GitHub and Open Science Framework (OSF). GitHub is a mature, industry-standard tool but lacks focus towards researchers. In comparison, OSF offers a one-stop solution for researchers but a lot of functionality is still under development. I conclu...
متن کاملA Confinement Criterion for Securely Executing Mobile Code
Mobile programs, like applets, are not only ubiquitous, but also potentially malicious. We study the case where mobile programs are executed by a host system in a secured environment, in order to control all accesses from mobile programs to local resources. The article deals with the following question: how to ensure that the local environment is secure? We answer by giving a confinement criter...
متن کاملThe Phish-Market Protocol: Securely Sharing Attack Data between Competitors
A key way in which banks mitigate the effects of phishing is to remove fraudulent websites or suspend abusive domain names. This ‘take-down’ is often subcontracted to specialist firms. Prior work has shown that these take-down companies refuse to share ‘feeds’ of phishing website URLs with each other, and consequently, many phishing websites are not removed because the firm with the take-down c...
متن کاملMemory flies sooner from flies that learn faster.
L earning, like any phenotypic trait, is expected to evolve under natural selection. A prerequisite for evolutionary change is heritable variation in learning in natural populations. It is customary in evolutionary biology to think of genetic variation in a complex trait such as learning ability in terms of a so-called ‘‘bell curve’’ or normal distribution (1) (Fig. 1). Most individuals are ave...
متن کاملTowards Characterizing Securely Computable Two-Party Randomized Functions
A basic question of cryptographic complexity is to combinatorially characterize all randomized functions which have information-theoretic semi-honest secure 2-party computation protocols. The corresponding question for deterministic functions was answered almost three decades back, by Kushilevitz [Kus89]. In this work, we make progress towards understanding securely computable randomized functi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Digital threats
سال: 2022
ISSN: ['2692-1626', '2576-5337']
DOI: https://doi.org/10.1145/3474558