Practical Software Diversification Using In-Place Code Randomization
نویسندگان
چکیده
The wide adoption of non-executable page protections has given rise to attacks that employ return-oriented programming (ROP) to achieve arbitrary code execution without the injection of any code. Existing defenses against ROP exploits either require source code or symbolic debugging information, or impose a significant runtime overhead, which limits their applicability for the protection of third-party applications. Aiming for a practical mitication against ROP attacks, we introduce in-place code randomization, a software diversification technique that can be applied directly on third-party software. Our method uses various narrow-scope code transformations that can be applied statically, without changing the location of basic blocks, allowing the safe randomization of stripped binaries even with partial disassembly coverage. We demonstrate how in-place code randomization can prevent the exploitation of vulnerable Windows 7 applications, including Adobe Reader, as well as the automated construction of reliable ROP payloads.
منابع مشابه
Compiler-assisted Code Randomization
Despite decades of research on software diversification, only address space layout randomization has seen widespread adoption. Code randomization, an effective defense against return-oriented programming exploits, has remained an academic exercise mainly due to i) the lack of a transparent and streamlined deployment model that does not disrupt existing software distribution norms, and ii) the i...
متن کاملSphinx: A Secure Architecture Based on Binary Code Diversification and Execution Obfuscation
Sphinx, a hardware-software co-design architecture for binary code and runtime obfuscation. The Sphinx architecture uses binary code diversification and self-reconfigurable processing elements to maintain application functionality while obfuscating the binary code and architecture states to attackers. This approach dramatically reduces an attacker’s ability to exploit information gained from on...
متن کاملThe Superdiversifier: Peephole Individualization for Software Protection
We present a new approach to individualize programs at the machineand byte-code levels. Our superdiversification methodology is based on the compiler technique of superoptimization, which performs a brute-force search over all possible short instruction sequences to find minimum-size implementations of desired functions. Superdiversification also searches for equivalent code sequences, but we g...
متن کاملCode Randomization: Haven't We Solved This Problem Yet?
Two decades since the idea of using software diversity for security was put forward, ASLR is the only technique to see widespread deployment. This is puzzling since academic security researchers have published scores of papers claiming to advance the state of the art in the area of code randomization. Unfortunately, these improved diversity techniques are generally less deployable than integrit...
متن کاملSimilarity-based matching meets Malware Diversity
Similarity metrics, e.g., signatures as used by anti-virus products, are the dominant technique to detect if a given binary is malware. The underlying assumption of this approach is that all instances of a malware (or even malware family) will be similar to each other. Software diversification is a probabilistic technique that uses code and data randomization and expressiveness in the target in...
متن کامل