Address Space Layout Randomization Next Generation
نویسندگان
چکیده
منابع مشابه
SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs
Traditional execution environments deploy Address Space Layout Randomization (ASLR) to defend against memory corruption attacks. However, Intel Software Guard Extension (SGX), a new trusted execution environment designed to serve security-critical applications on the cloud, lacks such an effective, well-studied feature. In fact, we find that applying ASLR to SGX programs raises non-trivial issu...
متن کاملRevisiting Address Space Randomization
Address space randomization is believed to be a strong defense against memory error exploits. Many code and data objects in a potentially vulnerable program and the system could be randomized, including those on the stack and heap, base address of code, order of functions, PLT, GOT, etc. Randomizing these code and data objects is believed to be effective in obfuscating the addresses in memory t...
متن کاملAddress Space Layout Permutation
Address space randomization is an emerging and promising method for stopping a broad range of memory corruption attacks. By randomly shifting critical memory regions at process initialization time, a memory layout randomization scheme converts an otherwise successful malicious attack into a benign process crash. Recent work[7] has shown that current randomization schemes can be bruteforced atta...
متن کاملRuntime Code Reuse Attacks: A Dynamic Framework Bypassing Fine-Grained Address Space Layout Randomization
Fine-grained address space layout randomization has recently been proposed as a method of efficiently mitigating ROP attacks. In this paper, we introduce a design and implementation of a framework based on a runtime strategy that undermines the benefits of fine-grained ASLR. Specifically, we abuse a memory disclosure to map an application’s memory layout on-the-fly, dynamically discover gadgets...
متن کاملLayout Randomization and Nondeterminism
In security, layout randomization is a popular, effective attack mitigation technique. Recent work has aimed to explain it rigorously, focusing on deterministic systems. In this paper, we study layout randomization in the presence of nondeterministic choice. We develop a semantic approach based on denotational models and simulation relations. This approach abstracts from language details, and h...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Applied Sciences
سال: 2019
ISSN: 2076-3417
DOI: 10.3390/app9142928