Improving address space randomization with a dynamic offset randomization technique

Haizhi Xu, Steve J. Chapin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Scopus citations

Abstract

Address Space Randomization (ASR) techniques randomize process layout to prevent attackers from locating target functions. Prior ASR techniques have considered singletarget attacks, which succeed if the attacker can locate a single, powerful system library function. These techniques are not sufficient to defend against chained return-into-lib(c) attacks, each of which calls a sequence of system library functions in order. In this paper, we propose a new ASR technique, code islands, that randomizes not only the base pointers of memory mapping (mmapping), but also relative distances between functions, maximally and dynamically. Our technique can minimize the utility of information gained in early probes of a chained return-into-lib(c) attack, for later stages of that attack. With a pre-defined rerandomization threshold, our code islands technique not only is exponentially more effective than any prior ASR technique in defending against brute-force searches for locations of multiple targets-a key component of chained return-into-lib(c) attacks, but can also maintain high service availability even under attack. Our overhead measurement on some wellknown GNU applications shows that it takes less than 0.05 second to load/rerandomize a process with the necessary C system library functions using code islands, and our technique introduces a 3-10% run-time overhead from interisland control transfers. We conclude that the code island technique is well-suited to dedicated multi-threaded servers.

Original languageEnglish (US)
Title of host publicationApplied Computing 2006 - The 21st Annual ACM Symposium on Applied Computing - Proceedings of the 2006 ACM Symposium on Applied Computing
PublisherAssociation for Computing Machinery
Pages384-391
Number of pages8
ISBN (Print)1595931082, 9781595931085
DOIs
StatePublished - 2006
Event2006 ACM Symposium on Applied Computing - Dijon, France
Duration: Apr 23 2006Apr 27 2006

Publication series

NameProceedings of the ACM Symposium on Applied Computing
Volume1

Other

Other2006 ACM Symposium on Applied Computing
CountryFrance
CityDijon
Period4/23/064/27/06

Keywords

  • Address space randomization
  • Code islands
  • Denialof-service attacks
  • Derandomization attacks
  • Intrusion mitigation

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Improving address space randomization with a dynamic offset randomization technique'. Together they form a unique fingerprint.

  • Cite this

    Xu, H., & Chapin, S. J. (2006). Improving address space randomization with a dynamic offset randomization technique. In Applied Computing 2006 - The 21st Annual ACM Symposium on Applied Computing - Proceedings of the 2006 ACM Symposium on Applied Computing (pp. 384-391). (Proceedings of the ACM Symposium on Applied Computing; Vol. 1). Association for Computing Machinery. https://doi.org/10.1145/1141277.1141364