XIFER: A Software Diversity Tool Against Code-Reuse Attacks
نویسندگان
چکیده
The enormous growth of mobile devices and their app markets has raised many security and privacy concerns. Runtime attacks seem to be a major threat, in particular, codereuse attacks that do not require any external code injection (e.g., return-to-libc or return-oriented programming). We present, for the first time, a code transformation tool that completely mitigates code-reuse attacks by applying software diversity to the binary at runtime. Our tool XIFER (1) randomly diversifies the code of an application over the entire memory for each invocation, (2) requires no source code or any static analysis, (3) can be applied to both Intel x86 and ARM Linux executables, and (4) induces a negligible runtime overhead of only 1% in average.
منابع مشابه
Dwarf Frankenstein is still in your memory: tiny code reuse attacks
Code reuse attacks such as return oriented programming and jump oriented programming are the most popular exploitation methods among attackers. A large number of practical and non-practical defenses are proposed that differ in their overhead, the source code requirement, detection rate and implementation dependencies. However, a usual aspect among these methods is consideration of the common be...
متن کاملChronomorphic Programs: Using Runtime Diversity to Prevent Code Reuse Attacks
Return Oriented Programming (ROP) attacks, in which a cyber attacker crafts an exploit from instruction sequences already contained in a running binary, have become popular and practical. While previous research has investigated software diversity and dynamic binary instrumentation for defending against ROP, many of these approaches incur large performance costs or are susceptible to Blind ROP ...
متن کاملLarge-Scale Automated Software Diversity - Program Evolution Redux
The software monoculture favors attackers over defenders, since it makes all target environments appear similar. Code-reuse attacks, for example, rely on target hosts running identical software. Attackers use this assumption to their advantage by automating parts of creating an attack. This article presents large-scale automated software diversification as a means to shore up this vulnerability...
متن کاملAlgorithmic Diversity for Software Security
Software diversity protects against a modern-day exploits such as code-reuse attacks. When an attacker designs a code-reuse attack on an example executable, it relies on replicating the target environment. With software diversity, the attacker cannot reliably replicate their target. This is a security benefit which can be applied to massive-scale software distribution. When applied to large-sca...
متن کاملAVRAND: A Software-Based Defense Against Code Reuse Attacks for AVR Embedded Devices
Code reuse attacks are advanced exploitation techniques that constitute a serious threat for modern systems. They profit from a control flow hijacking vulnerability to maliciously execute one or more pieces of code from the targeted application. ASLR and Control Flow Integrity are two mechanisms commonly used to deter automated attacks based on code reuse. Unfortunately, none of these solutions...
متن کامل