Exploiting Linux and PaX ASLR’s weaknesses on 32- and 64-bit systems

Abstract

Address Space Layout Randomization is a very effective mitigation technique. The first implementation was done by the PaX team in 2001, and since then it has been the most advanced and secure. We have analyzed the PaX and Linux implementations, and found several weaknesses. We have carried out a deep review and analysis of all constraints that determine ASLR operation. Based on these results we have designed and implemented a novel ASLR called ASLR-NG, which maximizes the entropy (security) and does not introduce fragmentation (compatibility). ASLR-NG is especially suitable for 32-bit systems because of their intrinsic reduced VMA size. We have developed ASLRA, a tool to analyze the quality of the ASLR. This tool shows that ASLR-NG outperforms PaX ASLR in all aspects.

Similar resources

Porting to 64-bit GNU/Linux Systems

More and more 64-bit systems are showing up on the market—and developers are porting their applications to these systems. Most code runs directly without problems—but there are a number of sometimes quite subtle problems that developers have to be aware of for portable programming and porting. This paper illustrates some problems on porting an application to 64-bit and also shows how to use a 64-b...

Prevention of Buffer Overflow Exploits in IA-32 Based Linux

We review four independent modifications, known as OWL, paged-PaX, seg-PaX patches and RSX module, made to the Linux kernel that aim to prevent buffer overflow exploits in IA32-based Linux. We show that two of these modifications are ineffective, even though the ideas that they embody are workable. We bring attention to the fact that Linux on IA-32 does not use segmentation wisely. We also discu...

Poking Holes in Information Hiding

ASLR is no longer a strong defense in itself, but it still serves as a foundation for sophisticated defenses that use randomization for pseudo-isolation. Crucially, these defenses hide sensitive information (such as shadow stacks and safe regions) at a random position in a very large address space. Previous attacks on randomization-based information hiding rely on complicated side channels and/...

Two Research Contributions in 64-bit Computing: Testing and Applications

Following the release of Windows 64-bit and Redhat Linux 64-bit operating systems (OS) in late April 2005, this is one of the first 64-bit OS research projects completed in a British university. The objective is to investigate (1) the increase/decrease in performance compared to 32-bit computing; (2) the techniques used to develop 64-bit applications; and (3) how 64-bit computing should be ...

Porting Linux to x86-64

x86-64 is a 64-bit extension for the IA32 architecture, which is supported by the next generation of AMD CPUs. New features include 64-bit pointers, a 48-bit address space, 16 general purpose 64-bit integer registers, 16 SSE (Streaming SIMD Extensions) registers, and a compatibility mode to support old binaries. The Linux kernel port to x86-64 is based on the existing IA32 port with some extens...

Publication date: 2016